diff --git a/clients/client-accessanalyzer/package.json b/clients/client-accessanalyzer/package.json index 9581c5be959fa..82276a1076b65 100644 --- a/clients/client-accessanalyzer/package.json +++ b/clients/client-accessanalyzer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-accessanalyzer/src/AccessAnalyzerClient.ts b/clients/client-accessanalyzer/src/AccessAnalyzerClient.ts index 55a3f21079a2c..fefb884cdac40 100644 --- a/clients/client-accessanalyzer/src/AccessAnalyzerClient.ts +++ b/clients/client-accessanalyzer/src/AccessAnalyzerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAccessAnalyzerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ApplyArchiveRuleCommandInput, ApplyArchiveRuleCommandOutput } from "./commands/ApplyArchiveRuleCommand"; import { CancelPolicyGenerationCommandInput, @@ -279,21 +284,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -332,8 +338,8 @@ export type AccessAnalyzerClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -352,8 +358,8 @@ export type AccessAnalyzerClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -407,8 +413,8 @@ export class AccessAnalyzerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -417,8 +423,14 @@ export class AccessAnalyzerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -429,4 +441,13 @@ export class AccessAnalyzerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAccessAnalyzerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AccessAnalyzerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-accessanalyzer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-accessanalyzer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..27cf61a424968 --- /dev/null +++ b/clients/client-accessanalyzer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AccessAnalyzerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AccessAnalyzerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AccessAnalyzerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AccessAnalyzerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AccessAnalyzerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AccessAnalyzerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-accessanalyzer/src/auth/httpAuthSchemeProvider.ts b/clients/client-accessanalyzer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ed36d0dd2ff08 --- /dev/null +++ b/clients/client-accessanalyzer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AccessAnalyzerClientConfig, AccessAnalyzerClientResolvedConfig } from "../AccessAnalyzerClient"; + +/** + * @internal + */ +export interface AccessAnalyzerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AccessAnalyzerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AccessAnalyzerClientResolvedConfig, + HandlerExecutionContext, + AccessAnalyzerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAccessAnalyzerHttpAuthSchemeParametersProvider = async ( + config: AccessAnalyzerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AccessAnalyzerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "access-analyzer", + region: authParameters.region, + }, + propertiesExtractor: (config: AccessAnalyzerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AccessAnalyzerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAccessAnalyzerHttpAuthSchemeProvider: AccessAnalyzerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AccessAnalyzerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AccessAnalyzerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-accessanalyzer/src/extensionConfiguration.ts b/clients/client-accessanalyzer/src/extensionConfiguration.ts index 9e2d93196e2f7..3a1eed8e34f0d 100644 --- a/clients/client-accessanalyzer/src/extensionConfiguration.ts +++ b/clients/client-accessanalyzer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AccessAnalyzerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-accessanalyzer/src/runtimeConfig.shared.ts b/clients/client-accessanalyzer/src/runtimeConfig.shared.ts index 49a4bdc5038b2..143a188349995 100644 --- a/clients/client-accessanalyzer/src/runtimeConfig.shared.ts +++ b/clients/client-accessanalyzer/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AccessAnalyzerClientConfig } from "./AccessAnalyzerClient"; +import { defaultAccessAnalyzerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AccessAnalyzerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAccessAnalyzerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AccessAnalyzer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-accessanalyzer/src/runtimeExtensions.ts b/clients/client-accessanalyzer/src/runtimeExtensions.ts index f74d8fb4c7f87..75129a7748a53 100644 --- a/clients/client-accessanalyzer/src/runtimeExtensions.ts +++ b/clients/client-accessanalyzer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AccessAnalyzerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-account/package.json b/clients/client-account/package.json index 46e9d990764a5..a6b38e15498f4 100644 --- a/clients/client-account/package.json +++ b/clients/client-account/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-account/src/AccountClient.ts b/clients/client-account/src/AccountClient.ts index 9effca07f7428..1eb8887dc1c6d 100644 --- a/clients/client-account/src/AccountClient.ts +++ b/clients/client-account/src/AccountClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAccountHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteAlternateContactCommandInput, DeleteAlternateContactCommandOutput, @@ -198,21 +203,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -251,8 +257,8 @@ export type AccountClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -271,8 +277,8 @@ export type AccountClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -303,8 +309,8 @@ export class AccountClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -313,8 +319,14 @@ export class AccountClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -325,4 +337,13 @@ export class AccountClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAccountHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AccountClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-account/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-account/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..de1363cd57e4a --- /dev/null +++ b/clients/client-account/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AccountHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AccountHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AccountHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AccountHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AccountHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AccountHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-account/src/auth/httpAuthSchemeProvider.ts b/clients/client-account/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a106649c2cd07 --- /dev/null +++ b/clients/client-account/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AccountClientConfig, AccountClientResolvedConfig } from "../AccountClient"; + +/** + * @internal + */ +export interface AccountHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AccountHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AccountClientResolvedConfig, + HandlerExecutionContext, + AccountHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAccountHttpAuthSchemeParametersProvider = async ( + config: AccountClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AccountHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "account", + region: authParameters.region, + }, + propertiesExtractor: (config: AccountClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AccountHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAccountHttpAuthSchemeProvider: AccountHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AccountHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AccountHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-account/src/extensionConfiguration.ts b/clients/client-account/src/extensionConfiguration.ts index c844b216f5c6f..bcfcd8d7620fe 100644 --- a/clients/client-account/src/extensionConfiguration.ts +++ b/clients/client-account/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AccountExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-account/src/runtimeConfig.shared.ts b/clients/client-account/src/runtimeConfig.shared.ts index b6b4f6d941c41..8e98a747337ce 100644 --- a/clients/client-account/src/runtimeConfig.shared.ts +++ b/clients/client-account/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AccountClientConfig } from "./AccountClient"; +import { defaultAccountHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AccountClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAccountHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Account", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-account/src/runtimeExtensions.ts b/clients/client-account/src/runtimeExtensions.ts index 3645fef82207a..8ac533e9f5124 100644 --- a/clients/client-account/src/runtimeExtensions.ts +++ b/clients/client-account/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AccountExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-acm-pca/package.json b/clients/client-acm-pca/package.json index 1dbb27694fd6e..848a481c1d489 100644 --- a/clients/client-acm-pca/package.json +++ b/clients/client-acm-pca/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-acm-pca/src/ACMPCAClient.ts b/clients/client-acm-pca/src/ACMPCAClient.ts index f65981e256cb8..2bab991b06750 100644 --- a/clients/client-acm-pca/src/ACMPCAClient.ts +++ b/clients/client-acm-pca/src/ACMPCAClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultACMPCAHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCertificateAuthorityAuditReportCommandInput, CreateCertificateAuthorityAuditReportCommandOutput, @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type ACMPCAClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type ACMPCAClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -384,8 +390,8 @@ export class ACMPCAClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -394,8 +400,14 @@ export class ACMPCAClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -406,4 +418,13 @@ export class ACMPCAClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultACMPCAHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ACMPCAClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-acm-pca/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-acm-pca/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9499c82899da6 --- /dev/null +++ b/clients/client-acm-pca/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ACMPCAHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ACMPCAHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ACMPCAHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ACMPCAHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ACMPCAHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ACMPCAHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-acm-pca/src/auth/httpAuthSchemeProvider.ts b/clients/client-acm-pca/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..80b148ebb1c6a --- /dev/null +++ b/clients/client-acm-pca/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ACMPCAClientConfig, ACMPCAClientResolvedConfig } from "../ACMPCAClient"; + +/** + * @internal + */ +export interface ACMPCAHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ACMPCAHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ACMPCAClientResolvedConfig, + HandlerExecutionContext, + ACMPCAHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultACMPCAHttpAuthSchemeParametersProvider = async ( + config: ACMPCAClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ACMPCAHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "acm-pca", + region: authParameters.region, + }, + propertiesExtractor: (config: ACMPCAClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ACMPCAHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultACMPCAHttpAuthSchemeProvider: ACMPCAHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ACMPCAHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ACMPCAHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-acm-pca/src/extensionConfiguration.ts b/clients/client-acm-pca/src/extensionConfiguration.ts index e2a98fdd64e6b..1733a1e4efbaf 100644 --- a/clients/client-acm-pca/src/extensionConfiguration.ts +++ b/clients/client-acm-pca/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ACMPCAExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-acm-pca/src/runtimeConfig.shared.ts b/clients/client-acm-pca/src/runtimeConfig.shared.ts index 53fedc0408266..23c6ed80a7eea 100644 --- a/clients/client-acm-pca/src/runtimeConfig.shared.ts +++ b/clients/client-acm-pca/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ACMPCAClientConfig } from "./ACMPCAClient"; +import { defaultACMPCAHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ACMPCAClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultACMPCAHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ACM PCA", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-acm-pca/src/runtimeExtensions.ts b/clients/client-acm-pca/src/runtimeExtensions.ts index 0610276c87090..1baac1652601e 100644 --- a/clients/client-acm-pca/src/runtimeExtensions.ts +++ b/clients/client-acm-pca/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ACMPCAExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-acm/package.json b/clients/client-acm/package.json index 58cc07c86bc8c..6a84e0d414857 100644 --- a/clients/client-acm/package.json +++ b/clients/client-acm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-acm/src/ACMClient.ts b/clients/client-acm/src/ACMClient.ts index ee6ecfa5d5b9f..ac1bac27f2623 100644 --- a/clients/client-acm/src/ACMClient.ts +++ b/clients/client-acm/src/ACMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultACMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToCertificateCommandInput, AddTagsToCertificateCommandOutput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type ACMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type ACMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -332,8 +338,8 @@ export class ACMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -342,8 +348,14 @@ export class ACMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -354,4 +366,13 @@ export class ACMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultACMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ACMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-acm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-acm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..258e677de5203 --- /dev/null +++ b/clients/client-acm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ACMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ACMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ACMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ACMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ACMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ACMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-acm/src/auth/httpAuthSchemeProvider.ts b/clients/client-acm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..71e846edaa5f2 --- /dev/null +++ b/clients/client-acm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ACMClientConfig, ACMClientResolvedConfig } from "../ACMClient"; + +/** + * @internal + */ +export interface ACMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ACMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ACMClientResolvedConfig, + HandlerExecutionContext, + ACMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultACMHttpAuthSchemeParametersProvider = async ( + config: ACMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ACMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "acm", + region: authParameters.region, + }, + propertiesExtractor: (config: ACMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ACMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultACMHttpAuthSchemeProvider: ACMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ACMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ACMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-acm/src/extensionConfiguration.ts b/clients/client-acm/src/extensionConfiguration.ts index cb73ec4a18fc0..7cc6db259956f 100644 --- a/clients/client-acm/src/extensionConfiguration.ts +++ b/clients/client-acm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ACMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-acm/src/runtimeConfig.shared.ts b/clients/client-acm/src/runtimeConfig.shared.ts index 9ca1d4904d63f..1c36a21138632 100644 --- a/clients/client-acm/src/runtimeConfig.shared.ts +++ b/clients/client-acm/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ACMClientConfig } from "./ACMClient"; +import { defaultACMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ACMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultACMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ACM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-acm/src/runtimeExtensions.ts b/clients/client-acm/src/runtimeExtensions.ts index 3b437e20ba7dc..b1963002488d9 100644 --- a/clients/client-acm/src/runtimeExtensions.ts +++ b/clients/client-acm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ACMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-alexa-for-business/package.json b/clients/client-alexa-for-business/package.json index 29de26276e701..2327d5ee30e0c 100644 --- a/clients/client-alexa-for-business/package.json +++ b/clients/client-alexa-for-business/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-alexa-for-business/src/AlexaForBusinessClient.ts b/clients/client-alexa-for-business/src/AlexaForBusinessClient.ts index 0e0cfeeef1fce..5b404d4dac578 100644 --- a/clients/client-alexa-for-business/src/AlexaForBusinessClient.ts +++ b/clients/client-alexa-for-business/src/AlexaForBusinessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAlexaForBusinessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ApproveSkillCommandInput, ApproveSkillCommandOutput } from "./commands/ApproveSkillCommand"; import { AssociateContactWithAddressBookCommandInput, @@ -552,21 +557,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -605,8 +611,8 @@ export type AlexaForBusinessClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -625,8 +631,8 @@ export type AlexaForBusinessClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -659,8 +665,8 @@ export class AlexaForBusinessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -669,8 +675,14 @@ export class AlexaForBusinessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -681,4 +693,13 @@ export class AlexaForBusinessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAlexaForBusinessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AlexaForBusinessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-alexa-for-business/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-alexa-for-business/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1c2f2d62ec40a --- /dev/null +++ b/clients/client-alexa-for-business/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AlexaForBusinessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AlexaForBusinessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AlexaForBusinessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AlexaForBusinessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AlexaForBusinessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AlexaForBusinessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-alexa-for-business/src/auth/httpAuthSchemeProvider.ts b/clients/client-alexa-for-business/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0b6c5a211dba1 --- /dev/null +++ b/clients/client-alexa-for-business/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AlexaForBusinessClientConfig, AlexaForBusinessClientResolvedConfig } from "../AlexaForBusinessClient"; + +/** + * @internal + */ +export interface AlexaForBusinessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AlexaForBusinessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AlexaForBusinessClientResolvedConfig, + HandlerExecutionContext, + AlexaForBusinessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAlexaForBusinessHttpAuthSchemeParametersProvider = async ( + config: AlexaForBusinessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AlexaForBusinessHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "a4b", + region: authParameters.region, + }, + propertiesExtractor: (config: AlexaForBusinessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AlexaForBusinessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAlexaForBusinessHttpAuthSchemeProvider: AlexaForBusinessHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AlexaForBusinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AlexaForBusinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-alexa-for-business/src/extensionConfiguration.ts b/clients/client-alexa-for-business/src/extensionConfiguration.ts index d39c91c5629b1..b26285e8aa4ee 100644 --- a/clients/client-alexa-for-business/src/extensionConfiguration.ts +++ b/clients/client-alexa-for-business/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AlexaForBusinessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-alexa-for-business/src/runtimeConfig.shared.ts b/clients/client-alexa-for-business/src/runtimeConfig.shared.ts index 386a7f49a5ebd..6dcbd373d3909 100644 --- a/clients/client-alexa-for-business/src/runtimeConfig.shared.ts +++ b/clients/client-alexa-for-business/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AlexaForBusinessClientConfig } from "./AlexaForBusinessClient"; +import { defaultAlexaForBusinessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AlexaForBusinessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAlexaForBusinessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Alexa For Business", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-alexa-for-business/src/runtimeExtensions.ts b/clients/client-alexa-for-business/src/runtimeExtensions.ts index 910255553b33c..618c67c25cbef 100644 --- a/clients/client-alexa-for-business/src/runtimeExtensions.ts +++ b/clients/client-alexa-for-business/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AlexaForBusinessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-amp/package.json b/clients/client-amp/package.json index c7c2f4ce168b1..8a60353f42349 100644 --- a/clients/client-amp/package.json +++ b/clients/client-amp/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-amp/src/AmpClient.ts b/clients/client-amp/src/AmpClient.ts index 97e365fda0e09..1cde388f256aa 100644 --- a/clients/client-amp/src/AmpClient.ts +++ b/clients/client-amp/src/AmpClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAmpHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAlertManagerDefinitionCommandInput, CreateAlertManagerDefinitionCommandOutput, @@ -282,21 +287,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -335,8 +341,8 @@ export type AmpClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -355,8 +361,8 @@ export type AmpClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -404,8 +410,8 @@ export class AmpClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -414,8 +420,14 @@ export class AmpClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -426,4 +438,13 @@ export class AmpClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAmpHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AmpClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-amp/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-amp/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cd9512cbc8f44 --- /dev/null +++ b/clients/client-amp/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AmpHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmpHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AmpHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AmpHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmpHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AmpHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-amp/src/auth/httpAuthSchemeProvider.ts b/clients/client-amp/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..59d6f4199e954 --- /dev/null +++ b/clients/client-amp/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AmpClientConfig, AmpClientResolvedConfig } from "../AmpClient"; + +/** + * @internal + */ +export interface AmpHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AmpHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AmpClientResolvedConfig, + HandlerExecutionContext, + AmpHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAmpHttpAuthSchemeParametersProvider = async ( + config: AmpClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AmpHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aps", + region: authParameters.region, + }, + propertiesExtractor: (config: AmpClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AmpHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAmpHttpAuthSchemeProvider: AmpHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AmpHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AmpHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-amp/src/extensionConfiguration.ts b/clients/client-amp/src/extensionConfiguration.ts index 1f7ea87fa690a..f2c908b00b40a 100644 --- a/clients/client-amp/src/extensionConfiguration.ts +++ b/clients/client-amp/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AmpExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-amp/src/runtimeConfig.shared.ts b/clients/client-amp/src/runtimeConfig.shared.ts index 32ae51516fcb6..ba98714e102ae 100644 --- a/clients/client-amp/src/runtimeConfig.shared.ts +++ b/clients/client-amp/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AmpClientConfig } from "./AmpClient"; +import { defaultAmpHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AmpClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAmpHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "amp", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-amp/src/runtimeExtensions.ts b/clients/client-amp/src/runtimeExtensions.ts index f7504bfa6c5aa..dee2d9193c138 100644 --- a/clients/client-amp/src/runtimeExtensions.ts +++ b/clients/client-amp/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AmpExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-amplify/package.json b/clients/client-amplify/package.json index 6dbf4b16cf5fa..ccf54d5d442cf 100644 --- a/clients/client-amplify/package.json +++ b/clients/client-amplify/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-amplify/src/AmplifyClient.ts b/clients/client-amplify/src/AmplifyClient.ts index 234f311e3e429..b7081c6461e7e 100644 --- a/clients/client-amplify/src/AmplifyClient.ts +++ b/clients/client-amplify/src/AmplifyClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAmplifyHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAppCommandInput, CreateAppCommandOutput } from "./commands/CreateAppCommand"; import { CreateBackendEnvironmentCommandInput, @@ -297,21 +302,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -350,8 +356,8 @@ export type AmplifyClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -370,8 +376,8 @@ export type AmplifyClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -407,8 +413,8 @@ export class AmplifyClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -417,8 +423,14 @@ export class AmplifyClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -429,4 +441,13 @@ export class AmplifyClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAmplifyHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AmplifyClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-amplify/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-amplify/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..efc0e6bfc8abe --- /dev/null +++ b/clients/client-amplify/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AmplifyHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AmplifyHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AmplifyHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AmplifyHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-amplify/src/auth/httpAuthSchemeProvider.ts b/clients/client-amplify/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..17ce740117b20 --- /dev/null +++ b/clients/client-amplify/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AmplifyClientConfig, AmplifyClientResolvedConfig } from "../AmplifyClient"; + +/** + * @internal + */ +export interface AmplifyHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AmplifyHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AmplifyClientResolvedConfig, + HandlerExecutionContext, + AmplifyHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAmplifyHttpAuthSchemeParametersProvider = async ( + config: AmplifyClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AmplifyHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "amplify", + region: authParameters.region, + }, + propertiesExtractor: (config: AmplifyClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AmplifyHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAmplifyHttpAuthSchemeProvider: AmplifyHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AmplifyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AmplifyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-amplify/src/extensionConfiguration.ts b/clients/client-amplify/src/extensionConfiguration.ts index e48532e99ca54..cf47667f99e7c 100644 --- a/clients/client-amplify/src/extensionConfiguration.ts +++ b/clients/client-amplify/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AmplifyExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-amplify/src/runtimeConfig.shared.ts b/clients/client-amplify/src/runtimeConfig.shared.ts index e516445259493..d1ea2f4dcfad5 100644 --- a/clients/client-amplify/src/runtimeConfig.shared.ts +++ b/clients/client-amplify/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AmplifyClientConfig } from "./AmplifyClient"; +import { defaultAmplifyHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AmplifyClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAmplifyHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Amplify", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-amplify/src/runtimeExtensions.ts b/clients/client-amplify/src/runtimeExtensions.ts index 51d1c330b7553..f1332f6345789 100644 --- a/clients/client-amplify/src/runtimeExtensions.ts +++ b/clients/client-amplify/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AmplifyExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-amplifybackend/package.json b/clients/client-amplifybackend/package.json index e962f57855101..2736e61ee5d1e 100644 --- a/clients/client-amplifybackend/package.json +++ b/clients/client-amplifybackend/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-amplifybackend/src/AmplifyBackendClient.ts b/clients/client-amplifybackend/src/AmplifyBackendClient.ts index 7c728de7e5492..4be955eea0f36 100644 --- a/clients/client-amplifybackend/src/AmplifyBackendClient.ts +++ b/clients/client-amplifybackend/src/AmplifyBackendClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAmplifyBackendHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CloneBackendCommandInput, CloneBackendCommandOutput } from "./commands/CloneBackendCommand"; import { CreateBackendAPICommandInput, CreateBackendAPICommandOutput } from "./commands/CreateBackendAPICommand"; import { CreateBackendAuthCommandInput, CreateBackendAuthCommandOutput } from "./commands/CreateBackendAuthCommand"; @@ -276,21 +281,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -329,8 +335,8 @@ export type AmplifyBackendClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -349,8 +355,8 @@ export type AmplifyBackendClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -381,8 +387,8 @@ export class AmplifyBackendClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -391,8 +397,14 @@ export class AmplifyBackendClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -403,4 +415,13 @@ export class AmplifyBackendClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAmplifyBackendHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AmplifyBackendClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-amplifybackend/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-amplifybackend/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3d75a2f965ebf --- /dev/null +++ b/clients/client-amplifybackend/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AmplifyBackendHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyBackendHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AmplifyBackendHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AmplifyBackendHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyBackendHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AmplifyBackendHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-amplifybackend/src/auth/httpAuthSchemeProvider.ts b/clients/client-amplifybackend/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..24b6cc9134f39 --- /dev/null +++ b/clients/client-amplifybackend/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AmplifyBackendClientConfig, AmplifyBackendClientResolvedConfig } from "../AmplifyBackendClient"; + +/** + * @internal + */ +export interface AmplifyBackendHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AmplifyBackendHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AmplifyBackendClientResolvedConfig, + HandlerExecutionContext, + AmplifyBackendHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAmplifyBackendHttpAuthSchemeParametersProvider = async ( + config: AmplifyBackendClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AmplifyBackendHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "amplifybackend", + region: authParameters.region, + }, + propertiesExtractor: (config: AmplifyBackendClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AmplifyBackendHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAmplifyBackendHttpAuthSchemeProvider: AmplifyBackendHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AmplifyBackendHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AmplifyBackendHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-amplifybackend/src/extensionConfiguration.ts b/clients/client-amplifybackend/src/extensionConfiguration.ts index 265e97bda513d..e87258a1008a6 100644 --- a/clients/client-amplifybackend/src/extensionConfiguration.ts +++ b/clients/client-amplifybackend/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AmplifyBackendExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-amplifybackend/src/runtimeConfig.shared.ts b/clients/client-amplifybackend/src/runtimeConfig.shared.ts index a37b20355225d..9c27fc9880a6f 100644 --- a/clients/client-amplifybackend/src/runtimeConfig.shared.ts +++ b/clients/client-amplifybackend/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AmplifyBackendClientConfig } from "./AmplifyBackendClient"; +import { defaultAmplifyBackendHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AmplifyBackendClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAmplifyBackendHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AmplifyBackend", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-amplifybackend/src/runtimeExtensions.ts b/clients/client-amplifybackend/src/runtimeExtensions.ts index b90f94b5da126..6fb811be84cf1 100644 --- a/clients/client-amplifybackend/src/runtimeExtensions.ts +++ b/clients/client-amplifybackend/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AmplifyBackendExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-amplifyuibuilder/package.json b/clients/client-amplifyuibuilder/package.json index 7fbf0dbcca4d6..ba9d8eb7bdafe 100644 --- a/clients/client-amplifyuibuilder/package.json +++ b/clients/client-amplifyuibuilder/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-amplifyuibuilder/src/AmplifyUIBuilderClient.ts b/clients/client-amplifyuibuilder/src/AmplifyUIBuilderClient.ts index b95e2848ab066..78b1ce3177eda 100644 --- a/clients/client-amplifyuibuilder/src/AmplifyUIBuilderClient.ts +++ b/clients/client-amplifyuibuilder/src/AmplifyUIBuilderClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAmplifyUIBuilderHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateComponentCommandInput, CreateComponentCommandOutput } from "./commands/CreateComponentCommand"; import { CreateFormCommandInput, CreateFormCommandOutput } from "./commands/CreateFormCommand"; import { CreateThemeCommandInput, CreateThemeCommandOutput } from "./commands/CreateThemeCommand"; @@ -234,21 +239,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -287,8 +293,8 @@ export type AmplifyUIBuilderClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export type AmplifyUIBuilderClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -347,8 +353,8 @@ export class AmplifyUIBuilderClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -357,8 +363,14 @@ export class AmplifyUIBuilderClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -369,4 +381,13 @@ export class AmplifyUIBuilderClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAmplifyUIBuilderHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AmplifyUIBuilderClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-amplifyuibuilder/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-amplifyuibuilder/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2abc7c5262d85 --- /dev/null +++ b/clients/client-amplifyuibuilder/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AmplifyUIBuilderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyUIBuilderHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AmplifyUIBuilderHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AmplifyUIBuilderHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AmplifyUIBuilderHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AmplifyUIBuilderHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-amplifyuibuilder/src/auth/httpAuthSchemeProvider.ts b/clients/client-amplifyuibuilder/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6a93e0f912e07 --- /dev/null +++ b/clients/client-amplifyuibuilder/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AmplifyUIBuilderClientConfig, AmplifyUIBuilderClientResolvedConfig } from "../AmplifyUIBuilderClient"; + +/** + * @internal + */ +export interface AmplifyUIBuilderHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AmplifyUIBuilderHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AmplifyUIBuilderClientResolvedConfig, + HandlerExecutionContext, + AmplifyUIBuilderHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAmplifyUIBuilderHttpAuthSchemeParametersProvider = async ( + config: AmplifyUIBuilderClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AmplifyUIBuilderHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "amplifyuibuilder", + region: authParameters.region, + }, + propertiesExtractor: (config: AmplifyUIBuilderClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AmplifyUIBuilderHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAmplifyUIBuilderHttpAuthSchemeProvider: AmplifyUIBuilderHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AmplifyUIBuilderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AmplifyUIBuilderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-amplifyuibuilder/src/extensionConfiguration.ts b/clients/client-amplifyuibuilder/src/extensionConfiguration.ts index dd1e9e0501570..2863e502433d7 100644 --- a/clients/client-amplifyuibuilder/src/extensionConfiguration.ts +++ b/clients/client-amplifyuibuilder/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AmplifyUIBuilderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-amplifyuibuilder/src/runtimeConfig.shared.ts b/clients/client-amplifyuibuilder/src/runtimeConfig.shared.ts index 125d25b438261..6c9f0b73ebc05 100644 --- a/clients/client-amplifyuibuilder/src/runtimeConfig.shared.ts +++ b/clients/client-amplifyuibuilder/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AmplifyUIBuilderClientConfig } from "./AmplifyUIBuilderClient"; +import { defaultAmplifyUIBuilderHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AmplifyUIBuilderClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAmplifyUIBuilderHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AmplifyUIBuilder", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-amplifyuibuilder/src/runtimeExtensions.ts b/clients/client-amplifyuibuilder/src/runtimeExtensions.ts index 6824f121f1cd4..8efdcaebd3966 100644 --- a/clients/client-amplifyuibuilder/src/runtimeExtensions.ts +++ b/clients/client-amplifyuibuilder/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AmplifyUIBuilderExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-api-gateway/package.json b/clients/client-api-gateway/package.json index cdbb4c59e07eb..04883ce3a2dcc 100644 --- a/clients/client-api-gateway/package.json +++ b/clients/client-api-gateway/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-apigatewaymanagementapi/package.json b/clients/client-apigatewaymanagementapi/package.json index eccd5d0c7b558..b5a65045a1b96 100644 --- a/clients/client-apigatewaymanagementapi/package.json +++ b/clients/client-apigatewaymanagementapi/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-apigatewaymanagementapi/src/ApiGatewayManagementApiClient.ts b/clients/client-apigatewaymanagementapi/src/ApiGatewayManagementApiClient.ts index a3526248f7f0a..9001d2ab470d2 100644 --- a/clients/client-apigatewaymanagementapi/src/ApiGatewayManagementApiClient.ts +++ b/clients/client-apigatewaymanagementapi/src/ApiGatewayManagementApiClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApiGatewayManagementApiHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteConnectionCommandInput, DeleteConnectionCommandOutput } from "./commands/DeleteConnectionCommand"; import { GetConnectionCommandInput, GetConnectionCommandOutput } from "./commands/GetConnectionCommand"; import { PostToConnectionCommandInput, PostToConnectionCommandOutput } from "./commands/PostToConnectionCommand"; @@ -162,21 +167,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -215,8 +221,8 @@ export type ApiGatewayManagementApiClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -235,8 +241,8 @@ export type ApiGatewayManagementApiClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -267,8 +273,8 @@ export class ApiGatewayManagementApiClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -277,8 +283,14 @@ export class ApiGatewayManagementApiClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -289,4 +301,13 @@ export class ApiGatewayManagementApiClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApiGatewayManagementApiHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApiGatewayManagementApiClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-apigatewaymanagementapi/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-apigatewaymanagementapi/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2bc90b65fcedf --- /dev/null +++ b/clients/client-apigatewaymanagementapi/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApiGatewayManagementApiHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApiGatewayManagementApiHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApiGatewayManagementApiHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApiGatewayManagementApiHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApiGatewayManagementApiHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApiGatewayManagementApiHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-apigatewaymanagementapi/src/auth/httpAuthSchemeProvider.ts b/clients/client-apigatewaymanagementapi/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..192b1d7aa033f --- /dev/null +++ b/clients/client-apigatewaymanagementapi/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ApiGatewayManagementApiClientConfig, + ApiGatewayManagementApiClientResolvedConfig, +} from "../ApiGatewayManagementApiClient"; + +/** + * @internal + */ +export interface ApiGatewayManagementApiHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApiGatewayManagementApiHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApiGatewayManagementApiClientResolvedConfig, + HandlerExecutionContext, + ApiGatewayManagementApiHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApiGatewayManagementApiHttpAuthSchemeParametersProvider = async ( + config: ApiGatewayManagementApiClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ApiGatewayManagementApiHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "execute-api", + region: authParameters.region, + }, + propertiesExtractor: (config: ApiGatewayManagementApiClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApiGatewayManagementApiHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApiGatewayManagementApiHttpAuthSchemeProvider: ApiGatewayManagementApiHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApiGatewayManagementApiHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApiGatewayManagementApiHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-apigatewaymanagementapi/src/extensionConfiguration.ts b/clients/client-apigatewaymanagementapi/src/extensionConfiguration.ts index 257c6d98ab163..6da781fa1e368 100644 --- a/clients/client-apigatewaymanagementapi/src/extensionConfiguration.ts +++ b/clients/client-apigatewaymanagementapi/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApiGatewayManagementApiExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-apigatewaymanagementapi/src/runtimeConfig.shared.ts b/clients/client-apigatewaymanagementapi/src/runtimeConfig.shared.ts index cc692bb6382b1..18816e5c2e3c8 100644 --- a/clients/client-apigatewaymanagementapi/src/runtimeConfig.shared.ts +++ b/clients/client-apigatewaymanagementapi/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApiGatewayManagementApiClientConfig } from "./ApiGatewayManagementApiClient"; +import { defaultApiGatewayManagementApiHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApiGatewayManagementApiClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApiGatewayManagementApiHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ApiGatewayManagementApi", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-apigatewaymanagementapi/src/runtimeExtensions.ts b/clients/client-apigatewaymanagementapi/src/runtimeExtensions.ts index 9c9a99fd8cd0b..ed9e2986c4312 100644 --- a/clients/client-apigatewaymanagementapi/src/runtimeExtensions.ts +++ b/clients/client-apigatewaymanagementapi/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApiGatewayManagementApiExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-apigatewayv2/package.json b/clients/client-apigatewayv2/package.json index 64a44421eafe1..822f15eda9027 100644 --- a/clients/client-apigatewayv2/package.json +++ b/clients/client-apigatewayv2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-apigatewayv2/src/ApiGatewayV2Client.ts b/clients/client-apigatewayv2/src/ApiGatewayV2Client.ts index 1895aba259a94..011e51584fde0 100644 --- a/clients/client-apigatewayv2/src/ApiGatewayV2Client.ts +++ b/clients/client-apigatewayv2/src/ApiGatewayV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApiGatewayV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApiCommandInput, CreateApiCommandOutput } from "./commands/CreateApiCommand"; import { CreateApiMappingCommandInput, CreateApiMappingCommandOutput } from "./commands/CreateApiMappingCommand"; import { CreateAuthorizerCommandInput, CreateAuthorizerCommandOutput } from "./commands/CreateAuthorizerCommand"; @@ -411,21 +416,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -464,8 +470,8 @@ export type ApiGatewayV2ClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -484,8 +490,8 @@ export type ApiGatewayV2ClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -516,8 +522,8 @@ export class ApiGatewayV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -526,8 +532,14 @@ export class ApiGatewayV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -538,4 +550,13 @@ export class ApiGatewayV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApiGatewayV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApiGatewayV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-apigatewayv2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-apigatewayv2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..70d892aa9eb85 --- /dev/null +++ b/clients/client-apigatewayv2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApiGatewayV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApiGatewayV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApiGatewayV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApiGatewayV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApiGatewayV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApiGatewayV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-apigatewayv2/src/auth/httpAuthSchemeProvider.ts b/clients/client-apigatewayv2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7cfd9410aa1aa --- /dev/null +++ b/clients/client-apigatewayv2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ApiGatewayV2ClientConfig, ApiGatewayV2ClientResolvedConfig } from "../ApiGatewayV2Client"; + +/** + * @internal + */ +export interface ApiGatewayV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApiGatewayV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApiGatewayV2ClientResolvedConfig, + HandlerExecutionContext, + ApiGatewayV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApiGatewayV2HttpAuthSchemeParametersProvider = async ( + config: ApiGatewayV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ApiGatewayV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "apigateway", + region: authParameters.region, + }, + propertiesExtractor: (config: ApiGatewayV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApiGatewayV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApiGatewayV2HttpAuthSchemeProvider: ApiGatewayV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApiGatewayV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApiGatewayV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-apigatewayv2/src/extensionConfiguration.ts b/clients/client-apigatewayv2/src/extensionConfiguration.ts index d2e687fda1c50..c8141fff3bdf6 100644 --- a/clients/client-apigatewayv2/src/extensionConfiguration.ts +++ b/clients/client-apigatewayv2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApiGatewayV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-apigatewayv2/src/runtimeConfig.shared.ts b/clients/client-apigatewayv2/src/runtimeConfig.shared.ts index 3c4767c6cbee7..10d3a1fdd0d33 100644 --- a/clients/client-apigatewayv2/src/runtimeConfig.shared.ts +++ b/clients/client-apigatewayv2/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApiGatewayV2ClientConfig } from "./ApiGatewayV2Client"; +import { defaultApiGatewayV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApiGatewayV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApiGatewayV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ApiGatewayV2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-apigatewayv2/src/runtimeExtensions.ts b/clients/client-apigatewayv2/src/runtimeExtensions.ts index b409782d71c69..02247a24887bc 100644 --- a/clients/client-apigatewayv2/src/runtimeExtensions.ts +++ b/clients/client-apigatewayv2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApiGatewayV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-app-mesh/package.json b/clients/client-app-mesh/package.json index e8c2b09a200bd..7b1f98b1b4022 100644 --- a/clients/client-app-mesh/package.json +++ b/clients/client-app-mesh/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-app-mesh/src/AppMeshClient.ts b/clients/client-app-mesh/src/AppMeshClient.ts index 961ce273e6005..0166d22aa5363 100644 --- a/clients/client-app-mesh/src/AppMeshClient.ts +++ b/clients/client-app-mesh/src/AppMeshClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppMeshHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateGatewayRouteCommandInput, CreateGatewayRouteCommandOutput } from "./commands/CreateGatewayRouteCommand"; import { CreateMeshCommandInput, CreateMeshCommandOutput } from "./commands/CreateMeshCommand"; import { CreateRouteCommandInput, CreateRouteCommandOutput } from "./commands/CreateRouteCommand"; @@ -321,21 +326,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -374,8 +380,8 @@ export type AppMeshClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -394,8 +400,8 @@ export type AppMeshClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -440,8 +446,8 @@ export class AppMeshClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -450,8 +456,14 @@ export class AppMeshClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -462,4 +474,13 @@ export class AppMeshClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppMeshHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppMeshClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-app-mesh/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-app-mesh/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..45f8c809a68ef --- /dev/null +++ b/clients/client-app-mesh/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppMeshHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppMeshHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppMeshHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppMeshHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppMeshHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppMeshHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-app-mesh/src/auth/httpAuthSchemeProvider.ts b/clients/client-app-mesh/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d488682f5dac0 --- /dev/null +++ b/clients/client-app-mesh/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppMeshClientConfig, AppMeshClientResolvedConfig } from "../AppMeshClient"; + +/** + * @internal + */ +export interface AppMeshHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppMeshHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppMeshClientResolvedConfig, + HandlerExecutionContext, + AppMeshHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppMeshHttpAuthSchemeParametersProvider = async ( + config: AppMeshClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppMeshHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appmesh", + region: authParameters.region, + }, + propertiesExtractor: (config: AppMeshClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppMeshHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppMeshHttpAuthSchemeProvider: AppMeshHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppMeshHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppMeshHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-app-mesh/src/extensionConfiguration.ts b/clients/client-app-mesh/src/extensionConfiguration.ts index 2149156cbd00b..329341ab485bd 100644 --- a/clients/client-app-mesh/src/extensionConfiguration.ts +++ b/clients/client-app-mesh/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppMeshExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-app-mesh/src/runtimeConfig.shared.ts b/clients/client-app-mesh/src/runtimeConfig.shared.ts index 05fc5083b7faf..32c5ead0258de 100644 --- a/clients/client-app-mesh/src/runtimeConfig.shared.ts +++ b/clients/client-app-mesh/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppMeshClientConfig } from "./AppMeshClient"; +import { defaultAppMeshHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppMeshClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppMeshHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "App Mesh", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-app-mesh/src/runtimeExtensions.ts b/clients/client-app-mesh/src/runtimeExtensions.ts index 6de7e32ed88b8..7731eb5dc3ece 100644 --- a/clients/client-app-mesh/src/runtimeExtensions.ts +++ b/clients/client-app-mesh/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppMeshExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appconfig/package.json b/clients/client-appconfig/package.json index 7773ae680cd2b..d45e27a471931 100644 --- a/clients/client-appconfig/package.json +++ b/clients/client-appconfig/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-appconfig/src/AppConfigClient.ts b/clients/client-appconfig/src/AppConfigClient.ts index 7fa469a57e37e..c7e4872e6ad60 100644 --- a/clients/client-appconfig/src/AppConfigClient.ts +++ b/clients/client-appconfig/src/AppConfigClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppConfigHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { CreateConfigurationProfileCommandInput, @@ -348,21 +353,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -401,8 +407,8 @@ export type AppConfigClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -421,8 +427,8 @@ export type AppConfigClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -498,8 +504,8 @@ export class AppConfigClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -508,8 +514,14 @@ export class AppConfigClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -520,4 +532,13 @@ export class AppConfigClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppConfigHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppConfigClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appconfig/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appconfig/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8642f9468a00a --- /dev/null +++ b/clients/client-appconfig/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppConfigHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppConfigHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppConfigHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppConfigHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppConfigHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppConfigHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appconfig/src/auth/httpAuthSchemeProvider.ts b/clients/client-appconfig/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..db1a3ab32937e --- /dev/null +++ b/clients/client-appconfig/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppConfigClientConfig, AppConfigClientResolvedConfig } from "../AppConfigClient"; + +/** + * @internal + */ +export interface AppConfigHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppConfigHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppConfigClientResolvedConfig, + HandlerExecutionContext, + AppConfigHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppConfigHttpAuthSchemeParametersProvider = async ( + config: AppConfigClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppConfigHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appconfig", + region: authParameters.region, + }, + propertiesExtractor: (config: AppConfigClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppConfigHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppConfigHttpAuthSchemeProvider: AppConfigHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appconfig/src/extensionConfiguration.ts b/clients/client-appconfig/src/extensionConfiguration.ts index 98a83d0cb25d9..01fc6783ee942 100644 --- a/clients/client-appconfig/src/extensionConfiguration.ts +++ b/clients/client-appconfig/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppConfigExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appconfig/src/runtimeConfig.shared.ts b/clients/client-appconfig/src/runtimeConfig.shared.ts index fb46f36c01b87..41fe609e2c0c3 100644 --- a/clients/client-appconfig/src/runtimeConfig.shared.ts +++ b/clients/client-appconfig/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppConfigClientConfig } from "./AppConfigClient"; +import { defaultAppConfigHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppConfigClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppConfigHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppConfig", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appconfig/src/runtimeExtensions.ts b/clients/client-appconfig/src/runtimeExtensions.ts index 41a906c200ce6..886a8c46c2502 100644 --- a/clients/client-appconfig/src/runtimeExtensions.ts +++ b/clients/client-appconfig/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppConfigExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appconfigdata/package.json b/clients/client-appconfigdata/package.json index b48f52b779fb0..4398536e9f7ff 100644 --- a/clients/client-appconfigdata/package.json +++ b/clients/client-appconfigdata/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-appconfigdata/src/AppConfigDataClient.ts b/clients/client-appconfigdata/src/AppConfigDataClient.ts index 6908a21e42c7b..7597eb2aae54c 100644 --- a/clients/client-appconfigdata/src/AppConfigDataClient.ts +++ b/clients/client-appconfigdata/src/AppConfigDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppConfigDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetLatestConfigurationCommandInput, GetLatestConfigurationCommandOutput, @@ -164,21 +169,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -217,8 +223,8 @@ export type AppConfigDataClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -237,8 +243,8 @@ export type AppConfigDataClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -327,8 +333,8 @@ export class AppConfigDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -337,8 +343,14 @@ export class AppConfigDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -349,4 +361,13 @@ export class AppConfigDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppConfigDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppConfigDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appconfigdata/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appconfigdata/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..bbd5bd5c0d0ac --- /dev/null +++ b/clients/client-appconfigdata/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppConfigDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppConfigDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppConfigDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppConfigDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppConfigDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppConfigDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appconfigdata/src/auth/httpAuthSchemeProvider.ts b/clients/client-appconfigdata/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0ac9c1817929b --- /dev/null +++ b/clients/client-appconfigdata/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppConfigDataClientConfig, AppConfigDataClientResolvedConfig } from "../AppConfigDataClient"; + +/** + * @internal + */ +export interface AppConfigDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppConfigDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppConfigDataClientResolvedConfig, + HandlerExecutionContext, + AppConfigDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppConfigDataHttpAuthSchemeParametersProvider = async ( + config: AppConfigDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppConfigDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appconfig", + region: authParameters.region, + }, + propertiesExtractor: (config: AppConfigDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppConfigDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppConfigDataHttpAuthSchemeProvider: AppConfigDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppConfigDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppConfigDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appconfigdata/src/extensionConfiguration.ts b/clients/client-appconfigdata/src/extensionConfiguration.ts index edd75403f1585..f84422a89868c 100644 --- a/clients/client-appconfigdata/src/extensionConfiguration.ts +++ b/clients/client-appconfigdata/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppConfigDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appconfigdata/src/runtimeConfig.shared.ts b/clients/client-appconfigdata/src/runtimeConfig.shared.ts index 7b2cc81bb749a..3837d031ef90b 100644 --- a/clients/client-appconfigdata/src/runtimeConfig.shared.ts +++ b/clients/client-appconfigdata/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppConfigDataClientConfig } from "./AppConfigDataClient"; +import { defaultAppConfigDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppConfigDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppConfigDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppConfigData", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appconfigdata/src/runtimeExtensions.ts b/clients/client-appconfigdata/src/runtimeExtensions.ts index 3abc880fc018f..903bf152df6db 100644 --- a/clients/client-appconfigdata/src/runtimeExtensions.ts +++ b/clients/client-appconfigdata/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppConfigDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appfabric/package.json b/clients/client-appfabric/package.json index 1d6a7a4a8ebe8..532b90cee914d 100644 --- a/clients/client-appfabric/package.json +++ b/clients/client-appfabric/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-appfabric/src/AppFabricClient.ts b/clients/client-appfabric/src/AppFabricClient.ts index f957860ca976e..d5d2f181e3851 100644 --- a/clients/client-appfabric/src/AppFabricClient.ts +++ b/clients/client-appfabric/src/AppFabricClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppFabricHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetUserAccessTasksCommandInput, BatchGetUserAccessTasksCommandOutput, @@ -276,21 +281,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -329,8 +335,8 @@ export type AppFabricClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -349,8 +355,8 @@ export type AppFabricClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -389,8 +395,8 @@ export class AppFabricClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -399,8 +405,14 @@ export class AppFabricClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -411,4 +423,13 @@ export class AppFabricClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppFabricHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppFabricClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appfabric/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appfabric/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0ae89e138e408 --- /dev/null +++ b/clients/client-appfabric/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppFabricHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppFabricHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppFabricHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppFabricHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppFabricHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppFabricHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appfabric/src/auth/httpAuthSchemeProvider.ts b/clients/client-appfabric/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dd9a02a65792a --- /dev/null +++ b/clients/client-appfabric/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppFabricClientConfig, AppFabricClientResolvedConfig } from "../AppFabricClient"; + +/** + * @internal + */ +export interface AppFabricHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppFabricHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppFabricClientResolvedConfig, + HandlerExecutionContext, + AppFabricHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppFabricHttpAuthSchemeParametersProvider = async ( + config: AppFabricClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppFabricHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appfabric", + region: authParameters.region, + }, + propertiesExtractor: (config: AppFabricClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppFabricHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppFabricHttpAuthSchemeProvider: AppFabricHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppFabricHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppFabricHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appfabric/src/extensionConfiguration.ts b/clients/client-appfabric/src/extensionConfiguration.ts index 87246423f74b6..1ef6acbe51067 100644 --- a/clients/client-appfabric/src/extensionConfiguration.ts +++ b/clients/client-appfabric/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppFabricExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appfabric/src/runtimeConfig.shared.ts b/clients/client-appfabric/src/runtimeConfig.shared.ts index bff0df0dd1f8f..5e7453f752715 100644 --- a/clients/client-appfabric/src/runtimeConfig.shared.ts +++ b/clients/client-appfabric/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppFabricClientConfig } from "./AppFabricClient"; +import { defaultAppFabricHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppFabricClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppFabricHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppFabric", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appfabric/src/runtimeExtensions.ts b/clients/client-appfabric/src/runtimeExtensions.ts index 0da2c3f6080ad..711e522d2d82b 100644 --- a/clients/client-appfabric/src/runtimeExtensions.ts +++ b/clients/client-appfabric/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppFabricExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appflow/package.json b/clients/client-appflow/package.json index 5a71f72b8ae5a..fd5d4d898a069 100644 --- a/clients/client-appflow/package.json +++ b/clients/client-appflow/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-appflow/src/AppflowClient.ts b/clients/client-appflow/src/AppflowClient.ts index e017529a4fd29..06335d3bf1f45 100644 --- a/clients/client-appflow/src/AppflowClient.ts +++ b/clients/client-appflow/src/AppflowClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppflowHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelFlowExecutionsCommandInput, CancelFlowExecutionsCommandOutput, @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type AppflowClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type AppflowClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -406,8 +412,8 @@ export class AppflowClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -416,8 +422,14 @@ export class AppflowClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -428,4 +440,13 @@ export class AppflowClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppflowHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppflowClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appflow/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appflow/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0c0c36fe346a6 --- /dev/null +++ b/clients/client-appflow/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppflowHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppflowHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppflowHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppflowHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppflowHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppflowHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appflow/src/auth/httpAuthSchemeProvider.ts b/clients/client-appflow/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ba8d0558aed2c --- /dev/null +++ b/clients/client-appflow/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppflowClientConfig, AppflowClientResolvedConfig } from "../AppflowClient"; + +/** + * @internal + */ +export interface AppflowHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppflowHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppflowClientResolvedConfig, + HandlerExecutionContext, + AppflowHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppflowHttpAuthSchemeParametersProvider = async ( + config: AppflowClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppflowHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appflow", + region: authParameters.region, + }, + propertiesExtractor: (config: AppflowClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppflowHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppflowHttpAuthSchemeProvider: AppflowHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppflowHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppflowHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appflow/src/extensionConfiguration.ts b/clients/client-appflow/src/extensionConfiguration.ts index ea1dfb44b5f41..a7ba05c329c5f 100644 --- a/clients/client-appflow/src/extensionConfiguration.ts +++ b/clients/client-appflow/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppflowExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appflow/src/runtimeConfig.shared.ts b/clients/client-appflow/src/runtimeConfig.shared.ts index f3af2858b8067..1bf24adee9622 100644 --- a/clients/client-appflow/src/runtimeConfig.shared.ts +++ b/clients/client-appflow/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppflowClientConfig } from "./AppflowClient"; +import { defaultAppflowHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppflowClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppflowHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Appflow", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appflow/src/runtimeExtensions.ts b/clients/client-appflow/src/runtimeExtensions.ts index 292e0b48b5197..6d314710bf2f0 100644 --- a/clients/client-appflow/src/runtimeExtensions.ts +++ b/clients/client-appflow/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppflowExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appintegrations/package.json b/clients/client-appintegrations/package.json index f45d3c52c6a76..04290b978731d 100644 --- a/clients/client-appintegrations/package.json +++ b/clients/client-appintegrations/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-appintegrations/src/AppIntegrationsClient.ts b/clients/client-appintegrations/src/AppIntegrationsClient.ts index b28984b64c6cf..f87e3ddedfac5 100644 --- a/clients/client-appintegrations/src/AppIntegrationsClient.ts +++ b/clients/client-appintegrations/src/AppIntegrationsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppIntegrationsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { CreateDataIntegrationCommandInput, @@ -258,21 +263,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -311,8 +317,8 @@ export type AppIntegrationsClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -331,8 +337,8 @@ export type AppIntegrationsClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -369,8 +375,8 @@ export class AppIntegrationsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -379,8 +385,14 @@ export class AppIntegrationsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -391,4 +403,13 @@ export class AppIntegrationsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppIntegrationsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppIntegrationsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appintegrations/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appintegrations/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..91d27eb284cc8 --- /dev/null +++ b/clients/client-appintegrations/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppIntegrationsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppIntegrationsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppIntegrationsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppIntegrationsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppIntegrationsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppIntegrationsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appintegrations/src/auth/httpAuthSchemeProvider.ts b/clients/client-appintegrations/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..54f04982198a4 --- /dev/null +++ b/clients/client-appintegrations/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppIntegrationsClientConfig, AppIntegrationsClientResolvedConfig } from "../AppIntegrationsClient"; + +/** + * @internal + */ +export interface AppIntegrationsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppIntegrationsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppIntegrationsClientResolvedConfig, + HandlerExecutionContext, + AppIntegrationsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppIntegrationsHttpAuthSchemeParametersProvider = async ( + config: AppIntegrationsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppIntegrationsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "app-integrations", + region: authParameters.region, + }, + propertiesExtractor: (config: AppIntegrationsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppIntegrationsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppIntegrationsHttpAuthSchemeProvider: AppIntegrationsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppIntegrationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppIntegrationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appintegrations/src/extensionConfiguration.ts b/clients/client-appintegrations/src/extensionConfiguration.ts index f300d3c68a850..ac7eb81fb563a 100644 --- a/clients/client-appintegrations/src/extensionConfiguration.ts +++ b/clients/client-appintegrations/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppIntegrationsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appintegrations/src/runtimeConfig.shared.ts b/clients/client-appintegrations/src/runtimeConfig.shared.ts index afe4c40ce4953..7bc1d2259b347 100644 --- a/clients/client-appintegrations/src/runtimeConfig.shared.ts +++ b/clients/client-appintegrations/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppIntegrationsClientConfig } from "./AppIntegrationsClient"; +import { defaultAppIntegrationsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppIntegrationsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppIntegrationsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppIntegrations", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appintegrations/src/runtimeExtensions.ts b/clients/client-appintegrations/src/runtimeExtensions.ts index 9e4349c195af4..01341b41fe6a7 100644 --- a/clients/client-appintegrations/src/runtimeExtensions.ts +++ b/clients/client-appintegrations/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppIntegrationsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-application-auto-scaling/package.json b/clients/client-application-auto-scaling/package.json index b06eef251608e..8de47fcaad27a 100644 --- a/clients/client-application-auto-scaling/package.json +++ b/clients/client-application-auto-scaling/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts b/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts index ad6167dba1a08..0a60f5bafdc0e 100644 --- a/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts +++ b/clients/client-application-auto-scaling/src/ApplicationAutoScalingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApplicationAutoScalingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteScalingPolicyCommandInput, DeleteScalingPolicyCommandOutput, @@ -222,21 +227,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -275,8 +281,8 @@ export type ApplicationAutoScalingClientConfigType = Partial<__SmithyConfigurati EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -295,8 +301,8 @@ export type ApplicationAutoScalingClientResolvedConfigType = __SmithyResolvedCon EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -403,8 +409,8 @@ export class ApplicationAutoScalingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -413,8 +419,14 @@ export class ApplicationAutoScalingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -425,4 +437,13 @@ export class ApplicationAutoScalingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApplicationAutoScalingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApplicationAutoScalingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-application-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-application-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a04d1093ceb4d --- /dev/null +++ b/clients/client-application-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApplicationAutoScalingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationAutoScalingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApplicationAutoScalingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApplicationAutoScalingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationAutoScalingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApplicationAutoScalingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-application-auto-scaling/src/auth/httpAuthSchemeProvider.ts b/clients/client-application-auto-scaling/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b82063dd0efa7 --- /dev/null +++ b/clients/client-application-auto-scaling/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ApplicationAutoScalingClientConfig, + ApplicationAutoScalingClientResolvedConfig, +} from "../ApplicationAutoScalingClient"; + +/** + * @internal + */ +export interface ApplicationAutoScalingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApplicationAutoScalingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApplicationAutoScalingClientResolvedConfig, + HandlerExecutionContext, + ApplicationAutoScalingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApplicationAutoScalingHttpAuthSchemeParametersProvider = async ( + config: ApplicationAutoScalingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ApplicationAutoScalingHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "application-autoscaling", + region: authParameters.region, + }, + propertiesExtractor: (config: ApplicationAutoScalingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApplicationAutoScalingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApplicationAutoScalingHttpAuthSchemeProvider: ApplicationAutoScalingHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApplicationAutoScalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApplicationAutoScalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-application-auto-scaling/src/extensionConfiguration.ts b/clients/client-application-auto-scaling/src/extensionConfiguration.ts index b78f6a0683bd3..a94c00d7ffeeb 100644 --- a/clients/client-application-auto-scaling/src/extensionConfiguration.ts +++ b/clients/client-application-auto-scaling/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApplicationAutoScalingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-application-auto-scaling/src/runtimeConfig.shared.ts b/clients/client-application-auto-scaling/src/runtimeConfig.shared.ts index 8bcd572f67af7..a8ab8da49658b 100644 --- a/clients/client-application-auto-scaling/src/runtimeConfig.shared.ts +++ b/clients/client-application-auto-scaling/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApplicationAutoScalingClientConfig } from "./ApplicationAutoScalingClient"; +import { defaultApplicationAutoScalingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApplicationAutoScalingClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApplicationAutoScalingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Application Auto Scaling", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-application-auto-scaling/src/runtimeExtensions.ts b/clients/client-application-auto-scaling/src/runtimeExtensions.ts index 7891be6e99aac..e5ee89c9d5d5d 100644 --- a/clients/client-application-auto-scaling/src/runtimeExtensions.ts +++ b/clients/client-application-auto-scaling/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApplicationAutoScalingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-application-discovery-service/package.json b/clients/client-application-discovery-service/package.json index c48d528858d11..0977e066dc55e 100644 --- a/clients/client-application-discovery-service/package.json +++ b/clients/client-application-discovery-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-application-discovery-service/src/ApplicationDiscoveryServiceClient.ts b/clients/client-application-discovery-service/src/ApplicationDiscoveryServiceClient.ts index 86d49c2ae047b..812d491719988 100644 --- a/clients/client-application-discovery-service/src/ApplicationDiscoveryServiceClient.ts +++ b/clients/client-application-discovery-service/src/ApplicationDiscoveryServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApplicationDiscoveryServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateConfigurationItemsToApplicationCommandInput, AssociateConfigurationItemsToApplicationCommandOutput, @@ -291,21 +296,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -344,8 +350,8 @@ export type ApplicationDiscoveryServiceClientConfigType = Partial<__SmithyConfig EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -364,8 +370,8 @@ export type ApplicationDiscoveryServiceClientResolvedConfigType = __SmithyResolv EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -502,8 +508,8 @@ export class ApplicationDiscoveryServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -512,8 +518,14 @@ export class ApplicationDiscoveryServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -524,4 +536,13 @@ export class ApplicationDiscoveryServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApplicationDiscoveryServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApplicationDiscoveryServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-application-discovery-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-application-discovery-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..008e469e8e8ab --- /dev/null +++ b/clients/client-application-discovery-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApplicationDiscoveryServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationDiscoveryServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApplicationDiscoveryServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApplicationDiscoveryServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationDiscoveryServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApplicationDiscoveryServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-application-discovery-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-application-discovery-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..49d46f21617e5 --- /dev/null +++ b/clients/client-application-discovery-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ApplicationDiscoveryServiceClientConfig, + ApplicationDiscoveryServiceClientResolvedConfig, +} from "../ApplicationDiscoveryServiceClient"; + +/** + * @internal + */ +export interface ApplicationDiscoveryServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApplicationDiscoveryServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApplicationDiscoveryServiceClientResolvedConfig, + HandlerExecutionContext, + ApplicationDiscoveryServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApplicationDiscoveryServiceHttpAuthSchemeParametersProvider = async ( + config: ApplicationDiscoveryServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ApplicationDiscoveryServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "discovery", + region: authParameters.region, + }, + propertiesExtractor: (config: ApplicationDiscoveryServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApplicationDiscoveryServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApplicationDiscoveryServiceHttpAuthSchemeProvider: ApplicationDiscoveryServiceHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApplicationDiscoveryServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApplicationDiscoveryServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-application-discovery-service/src/extensionConfiguration.ts b/clients/client-application-discovery-service/src/extensionConfiguration.ts index b0db9d92893f5..0c146ff8e8446 100644 --- a/clients/client-application-discovery-service/src/extensionConfiguration.ts +++ b/clients/client-application-discovery-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApplicationDiscoveryServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-application-discovery-service/src/runtimeConfig.shared.ts b/clients/client-application-discovery-service/src/runtimeConfig.shared.ts index 3ca2f8ded2faf..b35d036a8bded 100644 --- a/clients/client-application-discovery-service/src/runtimeConfig.shared.ts +++ b/clients/client-application-discovery-service/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApplicationDiscoveryServiceClientConfig } from "./ApplicationDiscoveryServiceClient"; +import { defaultApplicationDiscoveryServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApplicationDiscoveryServiceClientConfig disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApplicationDiscoveryServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Application Discovery Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-application-discovery-service/src/runtimeExtensions.ts b/clients/client-application-discovery-service/src/runtimeExtensions.ts index 515a433f9b64d..390a456795658 100644 --- a/clients/client-application-discovery-service/src/runtimeExtensions.ts +++ b/clients/client-application-discovery-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApplicationDiscoveryServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-application-insights/package.json b/clients/client-application-insights/package.json index d53e001c238d3..a24d7b8ea8477 100644 --- a/clients/client-application-insights/package.json +++ b/clients/client-application-insights/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-application-insights/src/ApplicationInsightsClient.ts b/clients/client-application-insights/src/ApplicationInsightsClient.ts index 05c4ee74df491..79eea4172cc3a 100644 --- a/clients/client-application-insights/src/ApplicationInsightsClient.ts +++ b/clients/client-application-insights/src/ApplicationInsightsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApplicationInsightsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddWorkloadCommandInput, AddWorkloadCommandOutput } from "./commands/AddWorkloadCommand"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { CreateComponentCommandInput, CreateComponentCommandOutput } from "./commands/CreateComponentCommand"; @@ -279,21 +284,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -332,8 +338,8 @@ export type ApplicationInsightsClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -352,8 +358,8 @@ export type ApplicationInsightsClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -395,8 +401,8 @@ export class ApplicationInsightsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -405,8 +411,14 @@ export class ApplicationInsightsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -417,4 +429,13 @@ export class ApplicationInsightsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApplicationInsightsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApplicationInsightsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-application-insights/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-application-insights/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a7da4fe3869b8 --- /dev/null +++ b/clients/client-application-insights/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApplicationInsightsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationInsightsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApplicationInsightsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApplicationInsightsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationInsightsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApplicationInsightsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-application-insights/src/auth/httpAuthSchemeProvider.ts b/clients/client-application-insights/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7341fb5a4535e --- /dev/null +++ b/clients/client-application-insights/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ApplicationInsightsClientConfig, ApplicationInsightsClientResolvedConfig } from "../ApplicationInsightsClient"; + +/** + * @internal + */ +export interface ApplicationInsightsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApplicationInsightsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApplicationInsightsClientResolvedConfig, + HandlerExecutionContext, + ApplicationInsightsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApplicationInsightsHttpAuthSchemeParametersProvider = async ( + config: ApplicationInsightsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ApplicationInsightsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "applicationinsights", + region: authParameters.region, + }, + propertiesExtractor: (config: ApplicationInsightsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApplicationInsightsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApplicationInsightsHttpAuthSchemeProvider: ApplicationInsightsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApplicationInsightsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApplicationInsightsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-application-insights/src/extensionConfiguration.ts b/clients/client-application-insights/src/extensionConfiguration.ts index 1ebe662344aa0..e7d331c8723ec 100644 --- a/clients/client-application-insights/src/extensionConfiguration.ts +++ b/clients/client-application-insights/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApplicationInsightsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-application-insights/src/runtimeConfig.shared.ts b/clients/client-application-insights/src/runtimeConfig.shared.ts index d3da68963d135..4dc2e061047e6 100644 --- a/clients/client-application-insights/src/runtimeConfig.shared.ts +++ b/clients/client-application-insights/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApplicationInsightsClientConfig } from "./ApplicationInsightsClient"; +import { defaultApplicationInsightsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApplicationInsightsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApplicationInsightsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Application Insights", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-application-insights/src/runtimeExtensions.ts b/clients/client-application-insights/src/runtimeExtensions.ts index 1beaf699c50ea..9b4775801fca8 100644 --- a/clients/client-application-insights/src/runtimeExtensions.ts +++ b/clients/client-application-insights/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApplicationInsightsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-applicationcostprofiler/package.json b/clients/client-applicationcostprofiler/package.json index 7869f07230340..b862c867f722d 100644 --- a/clients/client-applicationcostprofiler/package.json +++ b/clients/client-applicationcostprofiler/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-applicationcostprofiler/src/ApplicationCostProfilerClient.ts b/clients/client-applicationcostprofiler/src/ApplicationCostProfilerClient.ts index 96f5357f231ad..1004dfffb8d12 100644 --- a/clients/client-applicationcostprofiler/src/ApplicationCostProfilerClient.ts +++ b/clients/client-applicationcostprofiler/src/ApplicationCostProfilerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultApplicationCostProfilerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteReportDefinitionCommandInput, DeleteReportDefinitionCommandOutput, @@ -192,21 +197,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -245,8 +251,8 @@ export type ApplicationCostProfilerClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -265,8 +271,8 @@ export type ApplicationCostProfilerClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -302,8 +308,8 @@ export class ApplicationCostProfilerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -312,8 +318,14 @@ export class ApplicationCostProfilerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -324,4 +336,13 @@ export class ApplicationCostProfilerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultApplicationCostProfilerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ApplicationCostProfilerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-applicationcostprofiler/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-applicationcostprofiler/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..131a2f5afc795 --- /dev/null +++ b/clients/client-applicationcostprofiler/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ApplicationCostProfilerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationCostProfilerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ApplicationCostProfilerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ApplicationCostProfilerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ApplicationCostProfilerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ApplicationCostProfilerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-applicationcostprofiler/src/auth/httpAuthSchemeProvider.ts b/clients/client-applicationcostprofiler/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..25ff786ce73df --- /dev/null +++ b/clients/client-applicationcostprofiler/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ApplicationCostProfilerClientConfig, + ApplicationCostProfilerClientResolvedConfig, +} from "../ApplicationCostProfilerClient"; + +/** + * @internal + */ +export interface ApplicationCostProfilerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ApplicationCostProfilerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ApplicationCostProfilerClientResolvedConfig, + HandlerExecutionContext, + ApplicationCostProfilerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultApplicationCostProfilerHttpAuthSchemeParametersProvider = async ( + config: ApplicationCostProfilerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ApplicationCostProfilerHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "application-cost-profiler", + region: authParameters.region, + }, + propertiesExtractor: (config: ApplicationCostProfilerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ApplicationCostProfilerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultApplicationCostProfilerHttpAuthSchemeProvider: ApplicationCostProfilerHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ApplicationCostProfilerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ApplicationCostProfilerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-applicationcostprofiler/src/extensionConfiguration.ts b/clients/client-applicationcostprofiler/src/extensionConfiguration.ts index 73095ef6692a3..fb7c4521934ce 100644 --- a/clients/client-applicationcostprofiler/src/extensionConfiguration.ts +++ b/clients/client-applicationcostprofiler/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ApplicationCostProfilerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-applicationcostprofiler/src/runtimeConfig.shared.ts b/clients/client-applicationcostprofiler/src/runtimeConfig.shared.ts index 7bfe940d29b18..e484d926d0a76 100644 --- a/clients/client-applicationcostprofiler/src/runtimeConfig.shared.ts +++ b/clients/client-applicationcostprofiler/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ApplicationCostProfilerClientConfig } from "./ApplicationCostProfilerClient"; +import { defaultApplicationCostProfilerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ApplicationCostProfilerClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultApplicationCostProfilerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ApplicationCostProfiler", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-applicationcostprofiler/src/runtimeExtensions.ts b/clients/client-applicationcostprofiler/src/runtimeExtensions.ts index 00e59790c5367..f67396f18a783 100644 --- a/clients/client-applicationcostprofiler/src/runtimeExtensions.ts +++ b/clients/client-applicationcostprofiler/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ApplicationCostProfilerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-apprunner/package.json b/clients/client-apprunner/package.json index 8a8ce595be4bf..54d33a61836a9 100644 --- a/clients/client-apprunner/package.json +++ b/clients/client-apprunner/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-apprunner/src/AppRunnerClient.ts b/clients/client-apprunner/src/AppRunnerClient.ts index ed9c67b702b2c..89da3624b8ad7 100644 --- a/clients/client-apprunner/src/AppRunnerClient.ts +++ b/clients/client-apprunner/src/AppRunnerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppRunnerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateCustomDomainCommandInput, AssociateCustomDomainCommandOutput, @@ -327,21 +332,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -380,8 +386,8 @@ export type AppRunnerClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -400,8 +406,8 @@ export type AppRunnerClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -448,8 +454,8 @@ export class AppRunnerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -458,8 +464,14 @@ export class AppRunnerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -470,4 +482,13 @@ export class AppRunnerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppRunnerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppRunnerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-apprunner/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-apprunner/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..720072737e54b --- /dev/null +++ b/clients/client-apprunner/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppRunnerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppRunnerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppRunnerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppRunnerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppRunnerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppRunnerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-apprunner/src/auth/httpAuthSchemeProvider.ts b/clients/client-apprunner/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..161c1a8828f7a --- /dev/null +++ b/clients/client-apprunner/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppRunnerClientConfig, AppRunnerClientResolvedConfig } from "../AppRunnerClient"; + +/** + * @internal + */ +export interface AppRunnerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppRunnerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppRunnerClientResolvedConfig, + HandlerExecutionContext, + AppRunnerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppRunnerHttpAuthSchemeParametersProvider = async ( + config: AppRunnerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppRunnerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "apprunner", + region: authParameters.region, + }, + propertiesExtractor: (config: AppRunnerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppRunnerHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppRunnerHttpAuthSchemeProvider: AppRunnerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppRunnerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppRunnerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-apprunner/src/extensionConfiguration.ts b/clients/client-apprunner/src/extensionConfiguration.ts index 7c68b151d46d6..1373a3216b836 100644 --- a/clients/client-apprunner/src/extensionConfiguration.ts +++ b/clients/client-apprunner/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppRunnerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-apprunner/src/runtimeConfig.shared.ts b/clients/client-apprunner/src/runtimeConfig.shared.ts index ce29fc8f58b16..7a903b92056c4 100644 --- a/clients/client-apprunner/src/runtimeConfig.shared.ts +++ b/clients/client-apprunner/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppRunnerClientConfig } from "./AppRunnerClient"; +import { defaultAppRunnerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppRunnerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppRunnerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppRunner", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-apprunner/src/runtimeExtensions.ts b/clients/client-apprunner/src/runtimeExtensions.ts index 7639fecbda5de..d406e61b3e249 100644 --- a/clients/client-apprunner/src/runtimeExtensions.ts +++ b/clients/client-apprunner/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppRunnerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appstream/package.json b/clients/client-appstream/package.json index 10042bea1b79e..49b44dd0980dd 100644 --- a/clients/client-appstream/package.json +++ b/clients/client-appstream/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-appstream/src/AppStreamClient.ts b/clients/client-appstream/src/AppStreamClient.ts index 394fa91eec9d0..f5dbf31012f4c 100644 --- a/clients/client-appstream/src/AppStreamClient.ts +++ b/clients/client-appstream/src/AppStreamClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppStreamHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAppBlockBuilderAppBlockCommandInput, AssociateAppBlockBuilderAppBlockCommandOutput, @@ -489,21 +494,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -542,8 +548,8 @@ export type AppStreamClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -562,8 +568,8 @@ export type AppStreamClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -611,8 +617,8 @@ export class AppStreamClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -621,8 +627,14 @@ export class AppStreamClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -633,4 +645,13 @@ export class AppStreamClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppStreamHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppStreamClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appstream/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appstream/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6d54976a36b37 --- /dev/null +++ b/clients/client-appstream/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppStreamHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppStreamHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppStreamHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppStreamHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppStreamHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppStreamHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appstream/src/auth/httpAuthSchemeProvider.ts b/clients/client-appstream/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..041052c76dcb1 --- /dev/null +++ b/clients/client-appstream/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppStreamClientConfig, AppStreamClientResolvedConfig } from "../AppStreamClient"; + +/** + * @internal + */ +export interface AppStreamHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppStreamHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppStreamClientResolvedConfig, + HandlerExecutionContext, + AppStreamHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppStreamHttpAuthSchemeParametersProvider = async ( + config: AppStreamClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppStreamHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appstream", + region: authParameters.region, + }, + propertiesExtractor: (config: AppStreamClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppStreamHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppStreamHttpAuthSchemeProvider: AppStreamHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppStreamHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppStreamHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appstream/src/extensionConfiguration.ts b/clients/client-appstream/src/extensionConfiguration.ts index ca21d49f8b813..c29514a272860 100644 --- a/clients/client-appstream/src/extensionConfiguration.ts +++ b/clients/client-appstream/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppStreamExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appstream/src/runtimeConfig.shared.ts b/clients/client-appstream/src/runtimeConfig.shared.ts index a22d3f934fbf4..7cc80e7b780df 100644 --- a/clients/client-appstream/src/runtimeConfig.shared.ts +++ b/clients/client-appstream/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppStreamClientConfig } from "./AppStreamClient"; +import { defaultAppStreamHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppStreamClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppStreamHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppStream", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appstream/src/runtimeExtensions.ts b/clients/client-appstream/src/runtimeExtensions.ts index 9578dc0f63cd3..edba5fb3bc510 100644 --- a/clients/client-appstream/src/runtimeExtensions.ts +++ b/clients/client-appstream/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppStreamExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-appsync/package.json b/clients/client-appsync/package.json index a07fc9b35401d..383542da67d4a 100644 --- a/clients/client-appsync/package.json +++ b/clients/client-appsync/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-appsync/src/AppSyncClient.ts b/clients/client-appsync/src/AppSyncClient.ts index f6b68390d1411..dfa72bd40d9fc 100644 --- a/clients/client-appsync/src/AppSyncClient.ts +++ b/clients/client-appsync/src/AppSyncClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAppSyncHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateApiCommandInput, AssociateApiCommandOutput } from "./commands/AssociateApiCommand"; import { AssociateMergedGraphqlApiCommandInput, @@ -402,21 +407,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -455,8 +461,8 @@ export type AppSyncClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -475,8 +481,8 @@ export type AppSyncClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -508,8 +514,8 @@ export class AppSyncClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -518,8 +524,14 @@ export class AppSyncClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -530,4 +542,13 @@ export class AppSyncClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAppSyncHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AppSyncClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-appsync/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-appsync/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ac339bc36eea6 --- /dev/null +++ b/clients/client-appsync/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AppSyncHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppSyncHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AppSyncHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AppSyncHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AppSyncHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AppSyncHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-appsync/src/auth/httpAuthSchemeProvider.ts b/clients/client-appsync/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ff323c08424be --- /dev/null +++ b/clients/client-appsync/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AppSyncClientConfig, AppSyncClientResolvedConfig } from "../AppSyncClient"; + +/** + * @internal + */ +export interface AppSyncHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AppSyncHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AppSyncClientResolvedConfig, + HandlerExecutionContext, + AppSyncHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAppSyncHttpAuthSchemeParametersProvider = async ( + config: AppSyncClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AppSyncHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "appsync", + region: authParameters.region, + }, + propertiesExtractor: (config: AppSyncClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AppSyncHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAppSyncHttpAuthSchemeProvider: AppSyncHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AppSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AppSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-appsync/src/extensionConfiguration.ts b/clients/client-appsync/src/extensionConfiguration.ts index 568a497f9c174..e2cba8df5ad42 100644 --- a/clients/client-appsync/src/extensionConfiguration.ts +++ b/clients/client-appsync/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AppSyncExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-appsync/src/runtimeConfig.shared.ts b/clients/client-appsync/src/runtimeConfig.shared.ts index 851e38139ccd5..e1544bab89ad3 100644 --- a/clients/client-appsync/src/runtimeConfig.shared.ts +++ b/clients/client-appsync/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AppSyncClientConfig } from "./AppSyncClient"; +import { defaultAppSyncHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AppSyncClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAppSyncHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AppSync", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-appsync/src/runtimeExtensions.ts b/clients/client-appsync/src/runtimeExtensions.ts index abeca7274098f..97398f40b0159 100644 --- a/clients/client-appsync/src/runtimeExtensions.ts +++ b/clients/client-appsync/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AppSyncExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-arc-zonal-shift/package.json b/clients/client-arc-zonal-shift/package.json index b6faac98b01fc..05a324904883a 100644 --- a/clients/client-arc-zonal-shift/package.json +++ b/clients/client-arc-zonal-shift/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-arc-zonal-shift/src/ARCZonalShiftClient.ts b/clients/client-arc-zonal-shift/src/ARCZonalShiftClient.ts index 0b21de5008221..8c78288b92be4 100644 --- a/clients/client-arc-zonal-shift/src/ARCZonalShiftClient.ts +++ b/clients/client-arc-zonal-shift/src/ARCZonalShiftClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultARCZonalShiftHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelZonalShiftCommandInput, CancelZonalShiftCommandOutput } from "./commands/CancelZonalShiftCommand"; import { CreatePracticeRunConfigurationCommandInput, @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type ARCZonalShiftClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type ARCZonalShiftClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -335,8 +341,8 @@ export class ARCZonalShiftClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -345,8 +351,14 @@ export class ARCZonalShiftClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -357,4 +369,13 @@ export class ARCZonalShiftClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultARCZonalShiftHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ARCZonalShiftClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-arc-zonal-shift/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-arc-zonal-shift/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..91023cdf8b97e --- /dev/null +++ b/clients/client-arc-zonal-shift/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ARCZonalShiftHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ARCZonalShiftHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ARCZonalShiftHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ARCZonalShiftHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ARCZonalShiftHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ARCZonalShiftHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-arc-zonal-shift/src/auth/httpAuthSchemeProvider.ts b/clients/client-arc-zonal-shift/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d2c194f1e2723 --- /dev/null +++ b/clients/client-arc-zonal-shift/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ARCZonalShiftClientConfig, ARCZonalShiftClientResolvedConfig } from "../ARCZonalShiftClient"; + +/** + * @internal + */ +export interface ARCZonalShiftHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ARCZonalShiftHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ARCZonalShiftClientResolvedConfig, + HandlerExecutionContext, + ARCZonalShiftHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultARCZonalShiftHttpAuthSchemeParametersProvider = async ( + config: ARCZonalShiftClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ARCZonalShiftHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "arc-zonal-shift", + region: authParameters.region, + }, + propertiesExtractor: (config: ARCZonalShiftClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ARCZonalShiftHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultARCZonalShiftHttpAuthSchemeProvider: ARCZonalShiftHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ARCZonalShiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ARCZonalShiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-arc-zonal-shift/src/extensionConfiguration.ts b/clients/client-arc-zonal-shift/src/extensionConfiguration.ts index 1fc7f317db27b..f77c0f1820dac 100644 --- a/clients/client-arc-zonal-shift/src/extensionConfiguration.ts +++ b/clients/client-arc-zonal-shift/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ARCZonalShiftExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-arc-zonal-shift/src/runtimeConfig.shared.ts b/clients/client-arc-zonal-shift/src/runtimeConfig.shared.ts index 7de1dcc6b7190..593148f50f76f 100644 --- a/clients/client-arc-zonal-shift/src/runtimeConfig.shared.ts +++ b/clients/client-arc-zonal-shift/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { ARCZonalShiftClientConfig } from "./ARCZonalShiftClient"; +import { defaultARCZonalShiftHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ARCZonalShiftClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultARCZonalShiftHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ARC Zonal Shift", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-arc-zonal-shift/src/runtimeExtensions.ts b/clients/client-arc-zonal-shift/src/runtimeExtensions.ts index 2a6cf2a8aa0c8..0ad2d2cee597f 100644 --- a/clients/client-arc-zonal-shift/src/runtimeExtensions.ts +++ b/clients/client-arc-zonal-shift/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ARCZonalShiftExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-athena/package.json b/clients/client-athena/package.json index e719b818f6b1f..ea88c800ba633 100644 --- a/clients/client-athena/package.json +++ b/clients/client-athena/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-athena/src/AthenaClient.ts b/clients/client-athena/src/AthenaClient.ts index f9df569fad69b..490f77d3e4892 100644 --- a/clients/client-athena/src/AthenaClient.ts +++ b/clients/client-athena/src/AthenaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAthenaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetNamedQueryCommandInput, BatchGetNamedQueryCommandOutput } from "./commands/BatchGetNamedQueryCommand"; import { BatchGetPreparedStatementCommandInput, @@ -453,21 +458,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -506,8 +512,8 @@ export type AthenaClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -526,8 +532,8 @@ export type AthenaClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -568,8 +574,8 @@ export class AthenaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -578,8 +584,14 @@ export class AthenaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -590,4 +602,13 @@ export class AthenaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAthenaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AthenaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-athena/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-athena/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9a0ad455de3d1 --- /dev/null +++ b/clients/client-athena/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AthenaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AthenaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AthenaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AthenaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AthenaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AthenaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-athena/src/auth/httpAuthSchemeProvider.ts b/clients/client-athena/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..007178605588b --- /dev/null +++ b/clients/client-athena/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AthenaClientConfig, AthenaClientResolvedConfig } from "../AthenaClient"; + +/** + * @internal + */ +export interface AthenaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AthenaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AthenaClientResolvedConfig, + HandlerExecutionContext, + AthenaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAthenaHttpAuthSchemeParametersProvider = async ( + config: AthenaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AthenaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "athena", + region: authParameters.region, + }, + propertiesExtractor: (config: AthenaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AthenaHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAthenaHttpAuthSchemeProvider: AthenaHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AthenaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AthenaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-athena/src/extensionConfiguration.ts b/clients/client-athena/src/extensionConfiguration.ts index e8bb3952f95c8..8916a254c9bc4 100644 --- a/clients/client-athena/src/extensionConfiguration.ts +++ b/clients/client-athena/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AthenaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-athena/src/runtimeConfig.shared.ts b/clients/client-athena/src/runtimeConfig.shared.ts index 74a500b04f7d8..7a5505fe144fd 100644 --- a/clients/client-athena/src/runtimeConfig.shared.ts +++ b/clients/client-athena/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AthenaClientConfig } from "./AthenaClient"; +import { defaultAthenaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AthenaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAthenaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Athena", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-athena/src/runtimeExtensions.ts b/clients/client-athena/src/runtimeExtensions.ts index edea6dbbc9570..8def1607ad77d 100644 --- a/clients/client-athena/src/runtimeExtensions.ts +++ b/clients/client-athena/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AthenaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-auditmanager/package.json b/clients/client-auditmanager/package.json index f38d03eaee37b..64822f7a77d8d 100644 --- a/clients/client-auditmanager/package.json +++ b/clients/client-auditmanager/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-auditmanager/src/AuditManagerClient.ts b/clients/client-auditmanager/src/AuditManagerClient.ts index 9b8dc49eea4b2..b0bb16178a329 100644 --- a/clients/client-auditmanager/src/AuditManagerClient.ts +++ b/clients/client-auditmanager/src/AuditManagerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAuditManagerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAssessmentReportEvidenceFolderCommandInput, AssociateAssessmentReportEvidenceFolderCommandOutput, @@ -456,21 +461,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -509,8 +515,8 @@ export type AuditManagerClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -529,8 +535,8 @@ export type AuditManagerClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -596,8 +602,8 @@ export class AuditManagerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -606,8 +612,14 @@ export class AuditManagerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -618,4 +630,13 @@ export class AuditManagerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAuditManagerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AuditManagerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-auditmanager/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-auditmanager/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d2ff80cf3bc97 --- /dev/null +++ b/clients/client-auditmanager/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AuditManagerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AuditManagerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AuditManagerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AuditManagerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AuditManagerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AuditManagerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-auditmanager/src/auth/httpAuthSchemeProvider.ts b/clients/client-auditmanager/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e631a847c0ed1 --- /dev/null +++ b/clients/client-auditmanager/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AuditManagerClientConfig, AuditManagerClientResolvedConfig } from "../AuditManagerClient"; + +/** + * @internal + */ +export interface AuditManagerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AuditManagerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AuditManagerClientResolvedConfig, + HandlerExecutionContext, + AuditManagerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAuditManagerHttpAuthSchemeParametersProvider = async ( + config: AuditManagerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AuditManagerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "auditmanager", + region: authParameters.region, + }, + propertiesExtractor: (config: AuditManagerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AuditManagerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAuditManagerHttpAuthSchemeProvider: AuditManagerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AuditManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AuditManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-auditmanager/src/extensionConfiguration.ts b/clients/client-auditmanager/src/extensionConfiguration.ts index f068ee0216a00..59d011f88a5e2 100644 --- a/clients/client-auditmanager/src/extensionConfiguration.ts +++ b/clients/client-auditmanager/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AuditManagerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-auditmanager/src/runtimeConfig.shared.ts b/clients/client-auditmanager/src/runtimeConfig.shared.ts index b2d882c15165a..efb12d03f39d8 100644 --- a/clients/client-auditmanager/src/runtimeConfig.shared.ts +++ b/clients/client-auditmanager/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; import { AuditManagerClientConfig } from "./AuditManagerClient"; +import { defaultAuditManagerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; /** @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AuditManagerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAuditManagerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "AuditManager", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-auditmanager/src/runtimeExtensions.ts b/clients/client-auditmanager/src/runtimeExtensions.ts index b166c0046869f..d578aef415b50 100644 --- a/clients/client-auditmanager/src/runtimeExtensions.ts +++ b/clients/client-auditmanager/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AuditManagerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-auto-scaling-plans/package.json b/clients/client-auto-scaling-plans/package.json index 3770e7ebd5cd0..870b963caa731 100644 --- a/clients/client-auto-scaling-plans/package.json +++ b/clients/client-auto-scaling-plans/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-auto-scaling-plans/src/AutoScalingPlansClient.ts b/clients/client-auto-scaling-plans/src/AutoScalingPlansClient.ts index 90e95aff307cd..0762281178fbb 100644 --- a/clients/client-auto-scaling-plans/src/AutoScalingPlansClient.ts +++ b/clients/client-auto-scaling-plans/src/AutoScalingPlansClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAutoScalingPlansHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateScalingPlanCommandInput, CreateScalingPlanCommandOutput } from "./commands/CreateScalingPlanCommand"; import { DeleteScalingPlanCommandInput, DeleteScalingPlanCommandOutput } from "./commands/DeleteScalingPlanCommand"; import { @@ -183,21 +188,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -236,8 +242,8 @@ export type AutoScalingPlansClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -256,8 +262,8 @@ export type AutoScalingPlansClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export class AutoScalingPlansClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -332,8 +338,14 @@ export class AutoScalingPlansClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -344,4 +356,13 @@ export class AutoScalingPlansClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAutoScalingPlansHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AutoScalingPlansClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-auto-scaling-plans/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-auto-scaling-plans/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4af3d7c1fe2a1 --- /dev/null +++ b/clients/client-auto-scaling-plans/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AutoScalingPlansHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AutoScalingPlansHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AutoScalingPlansHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AutoScalingPlansHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AutoScalingPlansHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AutoScalingPlansHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-auto-scaling-plans/src/auth/httpAuthSchemeProvider.ts b/clients/client-auto-scaling-plans/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..90a9997fa54d8 --- /dev/null +++ b/clients/client-auto-scaling-plans/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AutoScalingPlansClientConfig, AutoScalingPlansClientResolvedConfig } from "../AutoScalingPlansClient"; + +/** + * @internal + */ +export interface AutoScalingPlansHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AutoScalingPlansHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AutoScalingPlansClientResolvedConfig, + HandlerExecutionContext, + AutoScalingPlansHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAutoScalingPlansHttpAuthSchemeParametersProvider = async ( + config: AutoScalingPlansClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AutoScalingPlansHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "autoscaling-plans", + region: authParameters.region, + }, + propertiesExtractor: (config: AutoScalingPlansClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AutoScalingPlansHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAutoScalingPlansHttpAuthSchemeProvider: AutoScalingPlansHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AutoScalingPlansHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AutoScalingPlansHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-auto-scaling-plans/src/extensionConfiguration.ts b/clients/client-auto-scaling-plans/src/extensionConfiguration.ts index e262efcd2ce76..797a336d60bc2 100644 --- a/clients/client-auto-scaling-plans/src/extensionConfiguration.ts +++ b/clients/client-auto-scaling-plans/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AutoScalingPlansExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-auto-scaling-plans/src/runtimeConfig.shared.ts b/clients/client-auto-scaling-plans/src/runtimeConfig.shared.ts index 9ba519be38c50..1efe74f47d132 100644 --- a/clients/client-auto-scaling-plans/src/runtimeConfig.shared.ts +++ b/clients/client-auto-scaling-plans/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultAutoScalingPlansHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { AutoScalingPlansClientConfig } from "./AutoScalingPlansClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AutoScalingPlansClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAutoScalingPlansHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Auto Scaling Plans", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-auto-scaling-plans/src/runtimeExtensions.ts b/clients/client-auto-scaling-plans/src/runtimeExtensions.ts index 07b671ffea0c4..837e639f42e76 100644 --- a/clients/client-auto-scaling-plans/src/runtimeExtensions.ts +++ b/clients/client-auto-scaling-plans/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AutoScalingPlansExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-auto-scaling/package.json b/clients/client-auto-scaling/package.json index ab59aea12b613..b534b2e624d51 100644 --- a/clients/client-auto-scaling/package.json +++ b/clients/client-auto-scaling/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-auto-scaling/src/AutoScalingClient.ts b/clients/client-auto-scaling/src/AutoScalingClient.ts index 646edfc7c6957..c2e30f7507f2f 100644 --- a/clients/client-auto-scaling/src/AutoScalingClient.ts +++ b/clients/client-auto-scaling/src/AutoScalingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultAutoScalingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AttachInstancesCommandInput, AttachInstancesCommandOutput } from "./commands/AttachInstancesCommand"; import { AttachLoadBalancersCommandInput, @@ -489,21 +494,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -542,8 +548,8 @@ export type AutoScalingClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -562,8 +568,8 @@ export type AutoScalingClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -597,8 +603,8 @@ export class AutoScalingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -607,8 +613,14 @@ export class AutoScalingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -619,4 +631,13 @@ export class AutoScalingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultAutoScalingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: AutoScalingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a625e5f3bfc8d --- /dev/null +++ b/clients/client-auto-scaling/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { AutoScalingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AutoScalingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): AutoScalingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: AutoScalingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: AutoScalingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): AutoScalingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-auto-scaling/src/auth/httpAuthSchemeProvider.ts b/clients/client-auto-scaling/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4016282ebfd90 --- /dev/null +++ b/clients/client-auto-scaling/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { AutoScalingClientConfig, AutoScalingClientResolvedConfig } from "../AutoScalingClient"; + +/** + * @internal + */ +export interface AutoScalingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface AutoScalingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + AutoScalingClientResolvedConfig, + HandlerExecutionContext, + AutoScalingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultAutoScalingHttpAuthSchemeParametersProvider = async ( + config: AutoScalingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: AutoScalingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "autoscaling", + region: authParameters.region, + }, + propertiesExtractor: (config: AutoScalingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface AutoScalingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultAutoScalingHttpAuthSchemeProvider: AutoScalingHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: AutoScalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: AutoScalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-auto-scaling/src/extensionConfiguration.ts b/clients/client-auto-scaling/src/extensionConfiguration.ts index 7409b601638f4..5b4d5e56e60e3 100644 --- a/clients/client-auto-scaling/src/extensionConfiguration.ts +++ b/clients/client-auto-scaling/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface AutoScalingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-auto-scaling/src/runtimeConfig.shared.ts b/clients/client-auto-scaling/src/runtimeConfig.shared.ts index e7d53620ea1a6..6c7d4d13dd2f4 100644 --- a/clients/client-auto-scaling/src/runtimeConfig.shared.ts +++ b/clients/client-auto-scaling/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultAutoScalingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { AutoScalingClientConfig } from "./AutoScalingClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: AutoScalingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultAutoScalingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Auto Scaling", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-auto-scaling/src/runtimeExtensions.ts b/clients/client-auto-scaling/src/runtimeExtensions.ts index a6d33b42b91b1..0faacd090a39a 100644 --- a/clients/client-auto-scaling/src/runtimeExtensions.ts +++ b/clients/client-auto-scaling/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { AutoScalingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-b2bi/package.json b/clients/client-b2bi/package.json index c11899014714f..3552e3d00a238 100644 --- a/clients/client-b2bi/package.json +++ b/clients/client-b2bi/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-b2bi/src/B2biClient.ts b/clients/client-b2bi/src/B2biClient.ts index 7e6997226b37c..3f28e1e679964 100644 --- a/clients/client-b2bi/src/B2biClient.ts +++ b/clients/client-b2bi/src/B2biClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultB2biHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCapabilityCommandInput, CreateCapabilityCommandOutput } from "./commands/CreateCapabilityCommand"; import { CreatePartnershipCommandInput, CreatePartnershipCommandOutput } from "./commands/CreatePartnershipCommand"; import { CreateProfileCommandInput, CreateProfileCommandOutput } from "./commands/CreateProfileCommand"; @@ -243,21 +248,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -296,8 +302,8 @@ export type B2biClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -316,8 +322,8 @@ export type B2biClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -358,8 +364,8 @@ export class B2biClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -368,8 +374,14 @@ export class B2biClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -380,4 +392,13 @@ export class B2biClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultB2biHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: B2biClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-b2bi/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-b2bi/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7858564faaebd --- /dev/null +++ b/clients/client-b2bi/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { B2biHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: B2biHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): B2biHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: B2biHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: B2biHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): B2biHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-b2bi/src/auth/httpAuthSchemeProvider.ts b/clients/client-b2bi/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dfbc64b473c28 --- /dev/null +++ b/clients/client-b2bi/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { B2biClientConfig, B2biClientResolvedConfig } from "../B2biClient"; + +/** + * @internal + */ +export interface B2biHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface B2biHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + B2biClientResolvedConfig, + HandlerExecutionContext, + B2biHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultB2biHttpAuthSchemeParametersProvider = async ( + config: B2biClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: B2biHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "b2bi", + region: authParameters.region, + }, + propertiesExtractor: (config: B2biClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface B2biHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultB2biHttpAuthSchemeProvider: B2biHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: B2biHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: B2biHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-b2bi/src/extensionConfiguration.ts b/clients/client-b2bi/src/extensionConfiguration.ts index 338d3a2ac1ed4..b470497c37f0c 100644 --- a/clients/client-b2bi/src/extensionConfiguration.ts +++ b/clients/client-b2bi/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface B2biExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-b2bi/src/runtimeConfig.shared.ts b/clients/client-b2bi/src/runtimeConfig.shared.ts index 9baf784ff7556..3228aab27f533 100644 --- a/clients/client-b2bi/src/runtimeConfig.shared.ts +++ b/clients/client-b2bi/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultB2biHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { B2biClientConfig } from "./B2biClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: B2biClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultB2biHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "b2bi", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-b2bi/src/runtimeExtensions.ts b/clients/client-b2bi/src/runtimeExtensions.ts index c64b3d2a74500..0e03b3e25541c 100644 --- a/clients/client-b2bi/src/runtimeExtensions.ts +++ b/clients/client-b2bi/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { B2biExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-backup-gateway/package.json b/clients/client-backup-gateway/package.json index ef96d976cdfbf..850446a3edd51 100644 --- a/clients/client-backup-gateway/package.json +++ b/clients/client-backup-gateway/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-backup-gateway/src/BackupGatewayClient.ts b/clients/client-backup-gateway/src/BackupGatewayClient.ts index 46c60465b80cb..14df82e10038d 100644 --- a/clients/client-backup-gateway/src/BackupGatewayClient.ts +++ b/clients/client-backup-gateway/src/BackupGatewayClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBackupGatewayHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateGatewayToServerCommandInput, AssociateGatewayToServerCommandOutput, @@ -273,21 +278,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -326,8 +332,8 @@ export type BackupGatewayClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -346,8 +352,8 @@ export type BackupGatewayClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -386,8 +392,8 @@ export class BackupGatewayClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -396,8 +402,14 @@ export class BackupGatewayClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -408,4 +420,13 @@ export class BackupGatewayClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBackupGatewayHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BackupGatewayClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-backup-gateway/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-backup-gateway/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..720b5b1911f17 --- /dev/null +++ b/clients/client-backup-gateway/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BackupGatewayHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupGatewayHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BackupGatewayHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BackupGatewayHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupGatewayHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BackupGatewayHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-backup-gateway/src/auth/httpAuthSchemeProvider.ts b/clients/client-backup-gateway/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d302a12babf9f --- /dev/null +++ b/clients/client-backup-gateway/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BackupGatewayClientConfig, BackupGatewayClientResolvedConfig } from "../BackupGatewayClient"; + +/** + * @internal + */ +export interface BackupGatewayHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BackupGatewayHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BackupGatewayClientResolvedConfig, + HandlerExecutionContext, + BackupGatewayHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBackupGatewayHttpAuthSchemeParametersProvider = async ( + config: BackupGatewayClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BackupGatewayHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "backup-gateway", + region: authParameters.region, + }, + propertiesExtractor: (config: BackupGatewayClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BackupGatewayHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBackupGatewayHttpAuthSchemeProvider: BackupGatewayHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BackupGatewayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BackupGatewayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-backup-gateway/src/extensionConfiguration.ts b/clients/client-backup-gateway/src/extensionConfiguration.ts index dc2e5ef0d9684..1e242151e2a23 100644 --- a/clients/client-backup-gateway/src/extensionConfiguration.ts +++ b/clients/client-backup-gateway/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BackupGatewayExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-backup-gateway/src/runtimeConfig.shared.ts b/clients/client-backup-gateway/src/runtimeConfig.shared.ts index 8ff807590f24b..f39e81c1f846d 100644 --- a/clients/client-backup-gateway/src/runtimeConfig.shared.ts +++ b/clients/client-backup-gateway/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBackupGatewayHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BackupGatewayClientConfig } from "./BackupGatewayClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BackupGatewayClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBackupGatewayHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Backup Gateway", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-backup-gateway/src/runtimeExtensions.ts b/clients/client-backup-gateway/src/runtimeExtensions.ts index 1bf949f86a736..c205512bdf6c0 100644 --- a/clients/client-backup-gateway/src/runtimeExtensions.ts +++ b/clients/client-backup-gateway/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BackupGatewayExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-backup/package.json b/clients/client-backup/package.json index 14c3bca5ae592..9ed9e8f2ab726 100644 --- a/clients/client-backup/package.json +++ b/clients/client-backup/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-backup/src/BackupClient.ts b/clients/client-backup/src/BackupClient.ts index f0bee987e110a..477e55b9d11f8 100644 --- a/clients/client-backup/src/BackupClient.ts +++ b/clients/client-backup/src/BackupClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBackupHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelLegalHoldCommandInput, CancelLegalHoldCommandOutput } from "./commands/CancelLegalHoldCommand"; import { CreateBackupPlanCommandInput, CreateBackupPlanCommandOutput } from "./commands/CreateBackupPlanCommand"; import { @@ -585,21 +590,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -638,8 +644,8 @@ export type BackupClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -658,8 +664,8 @@ export type BackupClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -694,8 +700,8 @@ export class BackupClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -704,8 +710,14 @@ export class BackupClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -716,4 +728,13 @@ export class BackupClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBackupHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BackupClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-backup/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-backup/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..011152363368f --- /dev/null +++ b/clients/client-backup/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BackupHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BackupHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BackupHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BackupHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-backup/src/auth/httpAuthSchemeProvider.ts b/clients/client-backup/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a943801cfe984 --- /dev/null +++ b/clients/client-backup/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BackupClientConfig, BackupClientResolvedConfig } from "../BackupClient"; + +/** + * @internal + */ +export interface BackupHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BackupHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BackupClientResolvedConfig, + HandlerExecutionContext, + BackupHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBackupHttpAuthSchemeParametersProvider = async ( + config: BackupClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BackupHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "backup", + region: authParameters.region, + }, + propertiesExtractor: (config: BackupClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BackupHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBackupHttpAuthSchemeProvider: BackupHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BackupHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BackupHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-backup/src/extensionConfiguration.ts b/clients/client-backup/src/extensionConfiguration.ts index 8ab6ae16e15ea..06119385b0320 100644 --- a/clients/client-backup/src/extensionConfiguration.ts +++ b/clients/client-backup/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BackupExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-backup/src/runtimeConfig.shared.ts b/clients/client-backup/src/runtimeConfig.shared.ts index 40b0a0f30b6ce..1a078b70638db 100644 --- a/clients/client-backup/src/runtimeConfig.shared.ts +++ b/clients/client-backup/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBackupHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BackupClientConfig } from "./BackupClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BackupClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBackupHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Backup", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-backup/src/runtimeExtensions.ts b/clients/client-backup/src/runtimeExtensions.ts index bb0fc7acd8189..84c2f1ce70a91 100644 --- a/clients/client-backup/src/runtimeExtensions.ts +++ b/clients/client-backup/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BackupExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-backupstorage/package.json b/clients/client-backupstorage/package.json index 4d59193460ef3..22f34db601f62 100644 --- a/clients/client-backupstorage/package.json +++ b/clients/client-backupstorage/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-backupstorage/src/BackupStorageClient.ts b/clients/client-backupstorage/src/BackupStorageClient.ts index ab643f7ba59bb..58d6dd5e9d966 100644 --- a/clients/client-backupstorage/src/BackupStorageClient.ts +++ b/clients/client-backupstorage/src/BackupStorageClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBackupStorageHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteObjectCommandInput, DeleteObjectCommandOutput } from "./commands/DeleteObjectCommand"; import { GetChunkCommandInput, GetChunkCommandOutput } from "./commands/GetChunkCommand"; import { GetObjectMetadataCommandInput, GetObjectMetadataCommandOutput } from "./commands/GetObjectMetadataCommand"; @@ -187,21 +192,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -246,8 +252,8 @@ export type BackupStorageClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -266,8 +272,8 @@ export type BackupStorageClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export class BackupStorageClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -308,8 +314,14 @@ export class BackupStorageClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -320,4 +332,13 @@ export class BackupStorageClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBackupStorageHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BackupStorageClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-backupstorage/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-backupstorage/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f0052be0536be --- /dev/null +++ b/clients/client-backupstorage/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BackupStorageHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupStorageHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BackupStorageHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BackupStorageHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BackupStorageHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BackupStorageHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-backupstorage/src/auth/httpAuthSchemeProvider.ts b/clients/client-backupstorage/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..98a643f827b20 --- /dev/null +++ b/clients/client-backupstorage/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BackupStorageClientConfig, BackupStorageClientResolvedConfig } from "../BackupStorageClient"; + +/** + * @internal + */ +export interface BackupStorageHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BackupStorageHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BackupStorageClientResolvedConfig, + HandlerExecutionContext, + BackupStorageHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBackupStorageHttpAuthSchemeParametersProvider = async ( + config: BackupStorageClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BackupStorageHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "backup-storage", + region: authParameters.region, + }, + propertiesExtractor: (config: BackupStorageClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BackupStorageHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBackupStorageHttpAuthSchemeProvider: BackupStorageHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BackupStorageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BackupStorageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-backupstorage/src/extensionConfiguration.ts b/clients/client-backupstorage/src/extensionConfiguration.ts index 512e8aad105a6..e17ac1bceedc5 100644 --- a/clients/client-backupstorage/src/extensionConfiguration.ts +++ b/clients/client-backupstorage/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BackupStorageExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-backupstorage/src/runtimeConfig.shared.ts b/clients/client-backupstorage/src/runtimeConfig.shared.ts index cb1f4349ec575..e288aaf2c7b96 100644 --- a/clients/client-backupstorage/src/runtimeConfig.shared.ts +++ b/clients/client-backupstorage/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBackupStorageHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BackupStorageClientConfig } from "./BackupStorageClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: BackupStorageClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBackupStorageHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "BackupStorage", diff --git a/clients/client-backupstorage/src/runtimeExtensions.ts b/clients/client-backupstorage/src/runtimeExtensions.ts index e090037ec8be5..7f8caff2c404a 100644 --- a/clients/client-backupstorage/src/runtimeExtensions.ts +++ b/clients/client-backupstorage/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BackupStorageExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-batch/package.json b/clients/client-batch/package.json index 1cbcd3d49897c..c7f902312e8d4 100644 --- a/clients/client-batch/package.json +++ b/clients/client-batch/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-batch/src/BatchClient.ts b/clients/client-batch/src/BatchClient.ts index 42a64d45c9073..65aadf31218a0 100644 --- a/clients/client-batch/src/BatchClient.ts +++ b/clients/client-batch/src/BatchClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBatchHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobCommandInput, CancelJobCommandOutput } from "./commands/CancelJobCommand"; import { CreateComputeEnvironmentCommandInput, @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type BatchClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type BatchClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -382,8 +388,8 @@ export class BatchClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -392,8 +398,14 @@ export class BatchClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -404,4 +416,13 @@ export class BatchClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBatchHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BatchClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-batch/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-batch/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e36fb2515a491 --- /dev/null +++ b/clients/client-batch/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BatchHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BatchHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BatchHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BatchHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BatchHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BatchHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-batch/src/auth/httpAuthSchemeProvider.ts b/clients/client-batch/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0377931abe56f --- /dev/null +++ b/clients/client-batch/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BatchClientConfig, BatchClientResolvedConfig } from "../BatchClient"; + +/** + * @internal + */ +export interface BatchHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BatchHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BatchClientResolvedConfig, + HandlerExecutionContext, + BatchHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBatchHttpAuthSchemeParametersProvider = async ( + config: BatchClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BatchHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "batch", + region: authParameters.region, + }, + propertiesExtractor: (config: BatchClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BatchHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBatchHttpAuthSchemeProvider: BatchHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BatchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BatchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-batch/src/extensionConfiguration.ts b/clients/client-batch/src/extensionConfiguration.ts index 76803db2e6d73..a6f3d3edc03f4 100644 --- a/clients/client-batch/src/extensionConfiguration.ts +++ b/clients/client-batch/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BatchExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-batch/src/runtimeConfig.shared.ts b/clients/client-batch/src/runtimeConfig.shared.ts index d8e86abf396a9..31949c1c43391 100644 --- a/clients/client-batch/src/runtimeConfig.shared.ts +++ b/clients/client-batch/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBatchHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BatchClientConfig } from "./BatchClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BatchClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBatchHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Batch", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-batch/src/runtimeExtensions.ts b/clients/client-batch/src/runtimeExtensions.ts index ffe8e056f3325..61caf92c43592 100644 --- a/clients/client-batch/src/runtimeExtensions.ts +++ b/clients/client-batch/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BatchExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-bcm-data-exports/package.json b/clients/client-bcm-data-exports/package.json index 07023f5ccfdd8..882c836984f90 100644 --- a/clients/client-bcm-data-exports/package.json +++ b/clients/client-bcm-data-exports/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-bcm-data-exports/src/BCMDataExportsClient.ts b/clients/client-bcm-data-exports/src/BCMDataExportsClient.ts index 88a5701810e1f..b83c3c3d5f6e7 100644 --- a/clients/client-bcm-data-exports/src/BCMDataExportsClient.ts +++ b/clients/client-bcm-data-exports/src/BCMDataExportsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBCMDataExportsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateExportCommandInput, CreateExportCommandOutput } from "./commands/CreateExportCommand"; import { DeleteExportCommandInput, DeleteExportCommandOutput } from "./commands/DeleteExportCommand"; import { GetExecutionCommandInput, GetExecutionCommandOutput } from "./commands/GetExecutionCommand"; @@ -195,21 +200,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -248,8 +254,8 @@ export type BCMDataExportsClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -268,8 +274,8 @@ export type BCMDataExportsClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export class BCMDataExportsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -317,8 +323,14 @@ export class BCMDataExportsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -329,4 +341,13 @@ export class BCMDataExportsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBCMDataExportsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BCMDataExportsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-bcm-data-exports/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-bcm-data-exports/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3561f21a0cbf9 --- /dev/null +++ b/clients/client-bcm-data-exports/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BCMDataExportsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BCMDataExportsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BCMDataExportsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BCMDataExportsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BCMDataExportsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BCMDataExportsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-bcm-data-exports/src/auth/httpAuthSchemeProvider.ts b/clients/client-bcm-data-exports/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c4ec2b62f6a18 --- /dev/null +++ b/clients/client-bcm-data-exports/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BCMDataExportsClientConfig, BCMDataExportsClientResolvedConfig } from "../BCMDataExportsClient"; + +/** + * @internal + */ +export interface BCMDataExportsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BCMDataExportsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BCMDataExportsClientResolvedConfig, + HandlerExecutionContext, + BCMDataExportsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBCMDataExportsHttpAuthSchemeParametersProvider = async ( + config: BCMDataExportsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BCMDataExportsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "bcm-data-exports", + region: authParameters.region, + }, + propertiesExtractor: (config: BCMDataExportsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BCMDataExportsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBCMDataExportsHttpAuthSchemeProvider: BCMDataExportsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BCMDataExportsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BCMDataExportsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-bcm-data-exports/src/extensionConfiguration.ts b/clients/client-bcm-data-exports/src/extensionConfiguration.ts index 8465164e95171..34b4dce1c2311 100644 --- a/clients/client-bcm-data-exports/src/extensionConfiguration.ts +++ b/clients/client-bcm-data-exports/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BCMDataExportsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-bcm-data-exports/src/runtimeConfig.shared.ts b/clients/client-bcm-data-exports/src/runtimeConfig.shared.ts index 34bfbc3de9ef7..69a6e4feb8efa 100644 --- a/clients/client-bcm-data-exports/src/runtimeConfig.shared.ts +++ b/clients/client-bcm-data-exports/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBCMDataExportsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BCMDataExportsClientConfig } from "./BCMDataExportsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BCMDataExportsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBCMDataExportsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "BCM Data Exports", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-bcm-data-exports/src/runtimeExtensions.ts b/clients/client-bcm-data-exports/src/runtimeExtensions.ts index 2ed5484d3fd29..fa27631e6a427 100644 --- a/clients/client-bcm-data-exports/src/runtimeExtensions.ts +++ b/clients/client-bcm-data-exports/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BCMDataExportsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-bedrock-agent-runtime/package.json b/clients/client-bedrock-agent-runtime/package.json index 32f7b972a2eda..40a15a200336f 100644 --- a/clients/client-bedrock-agent-runtime/package.json +++ b/clients/client-bedrock-agent-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -56,8 +55,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-bedrock-agent-runtime/src/BedrockAgentRuntimeClient.ts b/clients/client-bedrock-agent-runtime/src/BedrockAgentRuntimeClient.ts index 66aaf9b07ba85..b168d08ae1bae 100644 --- a/clients/client-bedrock-agent-runtime/src/BedrockAgentRuntimeClient.ts +++ b/clients/client-bedrock-agent-runtime/src/BedrockAgentRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBedrockAgentRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { InvokeAgentCommandInput, InvokeAgentCommandOutput } from "./commands/InvokeAgentCommand"; import { RetrieveAndGenerateCommandInput, @@ -168,21 +173,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -226,9 +232,9 @@ export type BedrockAgentRuntimeClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -247,9 +253,9 @@ export type BedrockAgentRuntimeClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -280,9 +286,9 @@ export class BedrockAgentRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -291,8 +297,14 @@ export class BedrockAgentRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -303,4 +315,13 @@ export class BedrockAgentRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBedrockAgentRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BedrockAgentRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-bedrock-agent-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-bedrock-agent-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..aa33a0a3cd42d --- /dev/null +++ b/clients/client-bedrock-agent-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BedrockAgentRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockAgentRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BedrockAgentRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BedrockAgentRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockAgentRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BedrockAgentRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-bedrock-agent-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-bedrock-agent-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bd3a483f71e41 --- /dev/null +++ b/clients/client-bedrock-agent-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BedrockAgentRuntimeClientConfig, BedrockAgentRuntimeClientResolvedConfig } from "../BedrockAgentRuntimeClient"; + +/** + * @internal + */ +export interface BedrockAgentRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BedrockAgentRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BedrockAgentRuntimeClientResolvedConfig, + HandlerExecutionContext, + BedrockAgentRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBedrockAgentRuntimeHttpAuthSchemeParametersProvider = async ( + config: BedrockAgentRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BedrockAgentRuntimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "bedrock", + region: authParameters.region, + }, + propertiesExtractor: (config: BedrockAgentRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BedrockAgentRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBedrockAgentRuntimeHttpAuthSchemeProvider: BedrockAgentRuntimeHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BedrockAgentRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BedrockAgentRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-bedrock-agent-runtime/src/extensionConfiguration.ts b/clients/client-bedrock-agent-runtime/src/extensionConfiguration.ts index 08e8324703a46..284b600f09495 100644 --- a/clients/client-bedrock-agent-runtime/src/extensionConfiguration.ts +++ b/clients/client-bedrock-agent-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BedrockAgentRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-bedrock-agent-runtime/src/runtimeConfig.shared.ts b/clients/client-bedrock-agent-runtime/src/runtimeConfig.shared.ts index f6bf4a1e4e2b3..98fc142e9881a 100644 --- a/clients/client-bedrock-agent-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-bedrock-agent-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBedrockAgentRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BedrockAgentRuntimeClientConfig } from "./BedrockAgentRuntimeClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BedrockAgentRuntimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBedrockAgentRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Bedrock Agent Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-bedrock-agent-runtime/src/runtimeExtensions.ts b/clients/client-bedrock-agent-runtime/src/runtimeExtensions.ts index e233d553e3e8f..26d3c52591218 100644 --- a/clients/client-bedrock-agent-runtime/src/runtimeExtensions.ts +++ b/clients/client-bedrock-agent-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BedrockAgentRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-bedrock-agent/package.json b/clients/client-bedrock-agent/package.json index d33662697e136..4473521ec9670 100644 --- a/clients/client-bedrock-agent/package.json +++ b/clients/client-bedrock-agent/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-bedrock-agent/src/BedrockAgentClient.ts b/clients/client-bedrock-agent/src/BedrockAgentClient.ts index 6cb196a9eb76e..122ddd8abeb29 100644 --- a/clients/client-bedrock-agent/src/BedrockAgentClient.ts +++ b/clients/client-bedrock-agent/src/BedrockAgentClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBedrockAgentHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAgentKnowledgeBaseCommandInput, AssociateAgentKnowledgeBaseCommandOutput, @@ -318,21 +323,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -371,8 +377,8 @@ export type BedrockAgentClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -391,8 +397,8 @@ export type BedrockAgentClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -424,8 +430,8 @@ export class BedrockAgentClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -434,8 +440,14 @@ export class BedrockAgentClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -446,4 +458,13 @@ export class BedrockAgentClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBedrockAgentHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BedrockAgentClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-bedrock-agent/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-bedrock-agent/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..164be8afc9e67 --- /dev/null +++ b/clients/client-bedrock-agent/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BedrockAgentHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockAgentHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BedrockAgentHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BedrockAgentHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockAgentHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BedrockAgentHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-bedrock-agent/src/auth/httpAuthSchemeProvider.ts b/clients/client-bedrock-agent/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..014d3264060ad --- /dev/null +++ b/clients/client-bedrock-agent/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BedrockAgentClientConfig, BedrockAgentClientResolvedConfig } from "../BedrockAgentClient"; + +/** + * @internal + */ +export interface BedrockAgentHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BedrockAgentHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BedrockAgentClientResolvedConfig, + HandlerExecutionContext, + BedrockAgentHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBedrockAgentHttpAuthSchemeParametersProvider = async ( + config: BedrockAgentClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BedrockAgentHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "bedrock", + region: authParameters.region, + }, + propertiesExtractor: (config: BedrockAgentClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BedrockAgentHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBedrockAgentHttpAuthSchemeProvider: BedrockAgentHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BedrockAgentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BedrockAgentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-bedrock-agent/src/extensionConfiguration.ts b/clients/client-bedrock-agent/src/extensionConfiguration.ts index 4a70934aef054..89965a3bdd7eb 100644 --- a/clients/client-bedrock-agent/src/extensionConfiguration.ts +++ b/clients/client-bedrock-agent/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BedrockAgentExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-bedrock-agent/src/runtimeConfig.shared.ts b/clients/client-bedrock-agent/src/runtimeConfig.shared.ts index 3e4a156ae7fe6..a53c45d2fe562 100644 --- a/clients/client-bedrock-agent/src/runtimeConfig.shared.ts +++ b/clients/client-bedrock-agent/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBedrockAgentHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BedrockAgentClientConfig } from "./BedrockAgentClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BedrockAgentClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBedrockAgentHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Bedrock Agent", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-bedrock-agent/src/runtimeExtensions.ts b/clients/client-bedrock-agent/src/runtimeExtensions.ts index 8c32402c15a5a..4f49fcd7bfefc 100644 --- a/clients/client-bedrock-agent/src/runtimeExtensions.ts +++ b/clients/client-bedrock-agent/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BedrockAgentExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-bedrock-runtime/package.json b/clients/client-bedrock-runtime/package.json index f3efd861c9812..ac1a1566a7e1f 100644 --- a/clients/client-bedrock-runtime/package.json +++ b/clients/client-bedrock-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -56,8 +55,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-bedrock-runtime/src/BedrockRuntimeClient.ts b/clients/client-bedrock-runtime/src/BedrockRuntimeClient.ts index d934f11777a30..8eabe0ee94985 100644 --- a/clients/client-bedrock-runtime/src/BedrockRuntimeClient.ts +++ b/clients/client-bedrock-runtime/src/BedrockRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBedrockRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { InvokeModelCommandInput, InvokeModelCommandOutput } from "./commands/InvokeModelCommand"; import { InvokeModelWithResponseStreamCommandInput, @@ -167,21 +172,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -225,9 +231,9 @@ export type BedrockRuntimeClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -246,9 +252,9 @@ export type BedrockRuntimeClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -279,9 +285,9 @@ export class BedrockRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -290,8 +296,14 @@ export class BedrockRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -302,4 +314,13 @@ export class BedrockRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBedrockRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BedrockRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-bedrock-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-bedrock-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..dc353d62b03e6 --- /dev/null +++ b/clients/client-bedrock-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BedrockRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BedrockRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BedrockRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BedrockRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-bedrock-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-bedrock-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3f15e73b0e7f9 --- /dev/null +++ b/clients/client-bedrock-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BedrockRuntimeClientConfig, BedrockRuntimeClientResolvedConfig } from "../BedrockRuntimeClient"; + +/** + * @internal + */ +export interface BedrockRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BedrockRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BedrockRuntimeClientResolvedConfig, + HandlerExecutionContext, + BedrockRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBedrockRuntimeHttpAuthSchemeParametersProvider = async ( + config: BedrockRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BedrockRuntimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "bedrock", + region: authParameters.region, + }, + propertiesExtractor: (config: BedrockRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BedrockRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBedrockRuntimeHttpAuthSchemeProvider: BedrockRuntimeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BedrockRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BedrockRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-bedrock-runtime/src/extensionConfiguration.ts b/clients/client-bedrock-runtime/src/extensionConfiguration.ts index ad359fff94681..3808a9dc79c3a 100644 --- a/clients/client-bedrock-runtime/src/extensionConfiguration.ts +++ b/clients/client-bedrock-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BedrockRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-bedrock-runtime/src/runtimeConfig.shared.ts b/clients/client-bedrock-runtime/src/runtimeConfig.shared.ts index e08aab16ad4cd..d1773b4b73cb7 100644 --- a/clients/client-bedrock-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-bedrock-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBedrockRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BedrockRuntimeClientConfig } from "./BedrockRuntimeClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BedrockRuntimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBedrockRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Bedrock Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-bedrock-runtime/src/runtimeExtensions.ts b/clients/client-bedrock-runtime/src/runtimeExtensions.ts index ecf070f5f2af7..80c149fcefdf3 100644 --- a/clients/client-bedrock-runtime/src/runtimeExtensions.ts +++ b/clients/client-bedrock-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BedrockRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-bedrock/package.json b/clients/client-bedrock/package.json index 037f6185c84c0..035174051482a 100644 --- a/clients/client-bedrock/package.json +++ b/clients/client-bedrock/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-bedrock/src/BedrockClient.ts b/clients/client-bedrock/src/BedrockClient.ts index d84a290b76c4a..b45a7ae4c4397 100644 --- a/clients/client-bedrock/src/BedrockClient.ts +++ b/clients/client-bedrock/src/BedrockClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBedrockHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateModelCustomizationJobCommandInput, CreateModelCustomizationJobCommandOutput, @@ -258,21 +263,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -311,8 +317,8 @@ export type BedrockClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -331,8 +337,8 @@ export type BedrockClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -363,8 +369,8 @@ export class BedrockClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -373,8 +379,14 @@ export class BedrockClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -385,4 +397,13 @@ export class BedrockClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBedrockHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BedrockClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-bedrock/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-bedrock/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6cc303ed3287e --- /dev/null +++ b/clients/client-bedrock/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BedrockHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BedrockHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BedrockHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BedrockHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BedrockHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-bedrock/src/auth/httpAuthSchemeProvider.ts b/clients/client-bedrock/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fec03524dbd71 --- /dev/null +++ b/clients/client-bedrock/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BedrockClientConfig, BedrockClientResolvedConfig } from "../BedrockClient"; + +/** + * @internal + */ +export interface BedrockHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BedrockHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BedrockClientResolvedConfig, + HandlerExecutionContext, + BedrockHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBedrockHttpAuthSchemeParametersProvider = async ( + config: BedrockClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BedrockHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "bedrock", + region: authParameters.region, + }, + propertiesExtractor: (config: BedrockClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BedrockHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBedrockHttpAuthSchemeProvider: BedrockHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BedrockHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BedrockHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-bedrock/src/extensionConfiguration.ts b/clients/client-bedrock/src/extensionConfiguration.ts index c521cf58df0a2..b846198a4f3f5 100644 --- a/clients/client-bedrock/src/extensionConfiguration.ts +++ b/clients/client-bedrock/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BedrockExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-bedrock/src/runtimeConfig.shared.ts b/clients/client-bedrock/src/runtimeConfig.shared.ts index 4c988bcaee913..e9b25f709ad68 100644 --- a/clients/client-bedrock/src/runtimeConfig.shared.ts +++ b/clients/client-bedrock/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBedrockHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BedrockClientConfig } from "./BedrockClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BedrockClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBedrockHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Bedrock", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-bedrock/src/runtimeExtensions.ts b/clients/client-bedrock/src/runtimeExtensions.ts index c8d5dec9fb239..96d17f68f8b41 100644 --- a/clients/client-bedrock/src/runtimeExtensions.ts +++ b/clients/client-bedrock/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BedrockExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-billingconductor/package.json b/clients/client-billingconductor/package.json index 8527af0682e98..bb36cebaa993a 100644 --- a/clients/client-billingconductor/package.json +++ b/clients/client-billingconductor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-billingconductor/src/BillingconductorClient.ts b/clients/client-billingconductor/src/BillingconductorClient.ts index a44235d3cbf9f..a60579cfe38e5 100644 --- a/clients/client-billingconductor/src/BillingconductorClient.ts +++ b/clients/client-billingconductor/src/BillingconductorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBillingconductorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAccountsCommandInput, AssociateAccountsCommandOutput } from "./commands/AssociateAccountsCommand"; import { AssociatePricingRulesCommandInput, @@ -303,21 +308,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -356,8 +362,8 @@ export type BillingconductorClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -376,8 +382,8 @@ export type BillingconductorClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -420,8 +426,8 @@ export class BillingconductorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -430,8 +436,14 @@ export class BillingconductorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -442,4 +454,13 @@ export class BillingconductorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBillingconductorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BillingconductorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-billingconductor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-billingconductor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2540239e93058 --- /dev/null +++ b/clients/client-billingconductor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BillingconductorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BillingconductorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BillingconductorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BillingconductorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BillingconductorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BillingconductorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-billingconductor/src/auth/httpAuthSchemeProvider.ts b/clients/client-billingconductor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c5837c3d45b71 --- /dev/null +++ b/clients/client-billingconductor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BillingconductorClientConfig, BillingconductorClientResolvedConfig } from "../BillingconductorClient"; + +/** + * @internal + */ +export interface BillingconductorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BillingconductorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BillingconductorClientResolvedConfig, + HandlerExecutionContext, + BillingconductorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBillingconductorHttpAuthSchemeParametersProvider = async ( + config: BillingconductorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BillingconductorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "billingconductor", + region: authParameters.region, + }, + propertiesExtractor: (config: BillingconductorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BillingconductorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBillingconductorHttpAuthSchemeProvider: BillingconductorHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BillingconductorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BillingconductorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-billingconductor/src/extensionConfiguration.ts b/clients/client-billingconductor/src/extensionConfiguration.ts index 9648abdf559c3..ff12ad90068fe 100644 --- a/clients/client-billingconductor/src/extensionConfiguration.ts +++ b/clients/client-billingconductor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BillingconductorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-billingconductor/src/runtimeConfig.shared.ts b/clients/client-billingconductor/src/runtimeConfig.shared.ts index d7e36bb282829..cf56f4c2a1228 100644 --- a/clients/client-billingconductor/src/runtimeConfig.shared.ts +++ b/clients/client-billingconductor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBillingconductorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BillingconductorClientConfig } from "./BillingconductorClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BillingconductorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBillingconductorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "billingconductor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-billingconductor/src/runtimeExtensions.ts b/clients/client-billingconductor/src/runtimeExtensions.ts index ca1ae9a4ad80c..d15cd26a86a62 100644 --- a/clients/client-billingconductor/src/runtimeExtensions.ts +++ b/clients/client-billingconductor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BillingconductorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-braket/package.json b/clients/client-braket/package.json index 4ba04a5a05ed0..b1cac4ac66eb8 100644 --- a/clients/client-braket/package.json +++ b/clients/client-braket/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-braket/src/BraketClient.ts b/clients/client-braket/src/BraketClient.ts index 49718635c592b..67a9f7f3f3594 100644 --- a/clients/client-braket/src/BraketClient.ts +++ b/clients/client-braket/src/BraketClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBraketHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobCommandInput, CancelJobCommandOutput } from "./commands/CancelJobCommand"; import { CancelQuantumTaskCommandInput, CancelQuantumTaskCommandOutput } from "./commands/CancelQuantumTaskCommand"; import { CreateJobCommandInput, CreateJobCommandOutput } from "./commands/CreateJobCommand"; @@ -198,21 +203,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -251,8 +257,8 @@ export type BraketClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -271,8 +277,8 @@ export type BraketClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -312,8 +318,8 @@ export class BraketClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -322,8 +328,14 @@ export class BraketClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -334,4 +346,13 @@ export class BraketClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBraketHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BraketClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-braket/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-braket/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a291807eec05d --- /dev/null +++ b/clients/client-braket/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BraketHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BraketHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BraketHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BraketHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BraketHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BraketHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-braket/src/auth/httpAuthSchemeProvider.ts b/clients/client-braket/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d3d243bdcee32 --- /dev/null +++ b/clients/client-braket/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BraketClientConfig, BraketClientResolvedConfig } from "../BraketClient"; + +/** + * @internal + */ +export interface BraketHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BraketHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BraketClientResolvedConfig, + HandlerExecutionContext, + BraketHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBraketHttpAuthSchemeParametersProvider = async ( + config: BraketClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BraketHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "braket", + region: authParameters.region, + }, + propertiesExtractor: (config: BraketClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BraketHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBraketHttpAuthSchemeProvider: BraketHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BraketHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BraketHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-braket/src/extensionConfiguration.ts b/clients/client-braket/src/extensionConfiguration.ts index d62d798437123..0c1c90d702ac6 100644 --- a/clients/client-braket/src/extensionConfiguration.ts +++ b/clients/client-braket/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BraketExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-braket/src/runtimeConfig.shared.ts b/clients/client-braket/src/runtimeConfig.shared.ts index fcc3ee949bf63..cf85f29a15587 100644 --- a/clients/client-braket/src/runtimeConfig.shared.ts +++ b/clients/client-braket/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBraketHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BraketClientConfig } from "./BraketClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BraketClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBraketHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Braket", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-braket/src/runtimeExtensions.ts b/clients/client-braket/src/runtimeExtensions.ts index 0a122538dc710..d936a6080ae90 100644 --- a/clients/client-braket/src/runtimeExtensions.ts +++ b/clients/client-braket/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BraketExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-budgets/package.json b/clients/client-budgets/package.json index 2dad5fcfe846c..15b296a136d00 100644 --- a/clients/client-budgets/package.json +++ b/clients/client-budgets/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-budgets/src/BudgetsClient.ts b/clients/client-budgets/src/BudgetsClient.ts index 3339b90d232bb..f80af7e4c5cc0 100644 --- a/clients/client-budgets/src/BudgetsClient.ts +++ b/clients/client-budgets/src/BudgetsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultBudgetsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBudgetActionCommandInput, CreateBudgetActionCommandOutput } from "./commands/CreateBudgetActionCommand"; import { CreateBudgetCommandInput, CreateBudgetCommandOutput } from "./commands/CreateBudgetCommand"; import { CreateNotificationCommandInput, CreateNotificationCommandOutput } from "./commands/CreateNotificationCommand"; @@ -252,21 +257,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -305,8 +311,8 @@ export type BudgetsClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -325,8 +331,8 @@ export type BudgetsClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -399,8 +405,8 @@ export class BudgetsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -409,8 +415,14 @@ export class BudgetsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -421,4 +433,13 @@ export class BudgetsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultBudgetsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: BudgetsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-budgets/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-budgets/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ff4cff2d36ff5 --- /dev/null +++ b/clients/client-budgets/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { BudgetsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BudgetsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): BudgetsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: BudgetsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: BudgetsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): BudgetsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-budgets/src/auth/httpAuthSchemeProvider.ts b/clients/client-budgets/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7423bd7c970d5 --- /dev/null +++ b/clients/client-budgets/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { BudgetsClientConfig, BudgetsClientResolvedConfig } from "../BudgetsClient"; + +/** + * @internal + */ +export interface BudgetsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface BudgetsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + BudgetsClientResolvedConfig, + HandlerExecutionContext, + BudgetsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultBudgetsHttpAuthSchemeParametersProvider = async ( + config: BudgetsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: BudgetsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "budgets", + region: authParameters.region, + }, + propertiesExtractor: (config: BudgetsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface BudgetsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultBudgetsHttpAuthSchemeProvider: BudgetsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: BudgetsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: BudgetsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-budgets/src/extensionConfiguration.ts b/clients/client-budgets/src/extensionConfiguration.ts index 13314ec6056dd..4037c256ce234 100644 --- a/clients/client-budgets/src/extensionConfiguration.ts +++ b/clients/client-budgets/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface BudgetsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-budgets/src/runtimeConfig.shared.ts b/clients/client-budgets/src/runtimeConfig.shared.ts index 13e185e11f761..ddc467bd04781 100644 --- a/clients/client-budgets/src/runtimeConfig.shared.ts +++ b/clients/client-budgets/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultBudgetsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { BudgetsClientConfig } from "./BudgetsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: BudgetsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultBudgetsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Budgets", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-budgets/src/runtimeExtensions.ts b/clients/client-budgets/src/runtimeExtensions.ts index 39c6b91724a95..9bdb6b0bc5370 100644 --- a/clients/client-budgets/src/runtimeExtensions.ts +++ b/clients/client-budgets/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { BudgetsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime-sdk-identity/package.json b/clients/client-chime-sdk-identity/package.json index eb56f762f5198..802cbfacf4c97 100644 --- a/clients/client-chime-sdk-identity/package.json +++ b/clients/client-chime-sdk-identity/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-chime-sdk-identity/src/ChimeSDKIdentityClient.ts b/clients/client-chime-sdk-identity/src/ChimeSDKIdentityClient.ts index 8d693d7410e98..1a5e1e2667594 100644 --- a/clients/client-chime-sdk-identity/src/ChimeSDKIdentityClient.ts +++ b/clients/client-chime-sdk-identity/src/ChimeSDKIdentityClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeSDKIdentityHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAppInstanceAdminCommandInput, CreateAppInstanceAdminCommandOutput, @@ -318,21 +323,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -371,8 +377,8 @@ export type ChimeSDKIdentityClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -391,8 +397,8 @@ export type ChimeSDKIdentityClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -426,8 +432,8 @@ export class ChimeSDKIdentityClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -436,8 +442,14 @@ export class ChimeSDKIdentityClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -448,4 +460,13 @@ export class ChimeSDKIdentityClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeSDKIdentityHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeSDKIdentityClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime-sdk-identity/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime-sdk-identity/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0c0f7afc90e6c --- /dev/null +++ b/clients/client-chime-sdk-identity/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeSDKIdentityHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKIdentityHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeSDKIdentityHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeSDKIdentityHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKIdentityHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeSDKIdentityHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime-sdk-identity/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime-sdk-identity/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0b970e8809077 --- /dev/null +++ b/clients/client-chime-sdk-identity/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ChimeSDKIdentityClientConfig, ChimeSDKIdentityClientResolvedConfig } from "../ChimeSDKIdentityClient"; + +/** + * @internal + */ +export interface ChimeSDKIdentityHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeSDKIdentityHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeSDKIdentityClientResolvedConfig, + HandlerExecutionContext, + ChimeSDKIdentityHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeSDKIdentityHttpAuthSchemeParametersProvider = async ( + config: ChimeSDKIdentityClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ChimeSDKIdentityHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeSDKIdentityClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeSDKIdentityHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeSDKIdentityHttpAuthSchemeProvider: ChimeSDKIdentityHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeSDKIdentityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeSDKIdentityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime-sdk-identity/src/extensionConfiguration.ts b/clients/client-chime-sdk-identity/src/extensionConfiguration.ts index d37524c519374..c17cba0355a62 100644 --- a/clients/client-chime-sdk-identity/src/extensionConfiguration.ts +++ b/clients/client-chime-sdk-identity/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeSDKIdentityExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime-sdk-identity/src/runtimeConfig.shared.ts b/clients/client-chime-sdk-identity/src/runtimeConfig.shared.ts index 167afb75c16ff..6cbfd26c3f535 100644 --- a/clients/client-chime-sdk-identity/src/runtimeConfig.shared.ts +++ b/clients/client-chime-sdk-identity/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeSDKIdentityHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeSDKIdentityClientConfig } from "./ChimeSDKIdentityClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeSDKIdentityClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeSDKIdentityHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime SDK Identity", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime-sdk-identity/src/runtimeExtensions.ts b/clients/client-chime-sdk-identity/src/runtimeExtensions.ts index 583c6144c5436..8828faee3b86f 100644 --- a/clients/client-chime-sdk-identity/src/runtimeExtensions.ts +++ b/clients/client-chime-sdk-identity/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeSDKIdentityExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime-sdk-media-pipelines/package.json b/clients/client-chime-sdk-media-pipelines/package.json index 9115fdca17dbc..739082e6a6516 100644 --- a/clients/client-chime-sdk-media-pipelines/package.json +++ b/clients/client-chime-sdk-media-pipelines/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-chime-sdk-media-pipelines/src/ChimeSDKMediaPipelinesClient.ts b/clients/client-chime-sdk-media-pipelines/src/ChimeSDKMediaPipelinesClient.ts index 75bf6d4408b11..59a8836d413b0 100644 --- a/clients/client-chime-sdk-media-pipelines/src/ChimeSDKMediaPipelinesClient.ts +++ b/clients/client-chime-sdk-media-pipelines/src/ChimeSDKMediaPipelinesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeSDKMediaPipelinesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateMediaCapturePipelineCommandInput, CreateMediaCapturePipelineCommandOutput, @@ -330,21 +335,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -383,8 +389,8 @@ export type ChimeSDKMediaPipelinesClientConfigType = Partial<__SmithyConfigurati EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -403,8 +409,8 @@ export type ChimeSDKMediaPipelinesClientResolvedConfigType = __SmithyResolvedCon EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -436,8 +442,8 @@ export class ChimeSDKMediaPipelinesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -446,8 +452,14 @@ export class ChimeSDKMediaPipelinesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -458,4 +470,13 @@ export class ChimeSDKMediaPipelinesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeSDKMediaPipelinesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeSDKMediaPipelinesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..86c90c80d16b6 --- /dev/null +++ b/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeSDKMediaPipelinesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMediaPipelinesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeSDKMediaPipelinesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeSDKMediaPipelinesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMediaPipelinesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeSDKMediaPipelinesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..470379441269f --- /dev/null +++ b/clients/client-chime-sdk-media-pipelines/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ChimeSDKMediaPipelinesClientConfig, + ChimeSDKMediaPipelinesClientResolvedConfig, +} from "../ChimeSDKMediaPipelinesClient"; + +/** + * @internal + */ +export interface ChimeSDKMediaPipelinesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeSDKMediaPipelinesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeSDKMediaPipelinesClientResolvedConfig, + HandlerExecutionContext, + ChimeSDKMediaPipelinesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeSDKMediaPipelinesHttpAuthSchemeParametersProvider = async ( + config: ChimeSDKMediaPipelinesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ChimeSDKMediaPipelinesHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeSDKMediaPipelinesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeSDKMediaPipelinesHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeSDKMediaPipelinesHttpAuthSchemeProvider: ChimeSDKMediaPipelinesHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeSDKMediaPipelinesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeSDKMediaPipelinesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime-sdk-media-pipelines/src/extensionConfiguration.ts b/clients/client-chime-sdk-media-pipelines/src/extensionConfiguration.ts index c0a392918eb02..02ef3703bfcae 100644 --- a/clients/client-chime-sdk-media-pipelines/src/extensionConfiguration.ts +++ b/clients/client-chime-sdk-media-pipelines/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeSDKMediaPipelinesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime-sdk-media-pipelines/src/runtimeConfig.shared.ts b/clients/client-chime-sdk-media-pipelines/src/runtimeConfig.shared.ts index 60e21d3c0c5c5..caa048b62d368 100644 --- a/clients/client-chime-sdk-media-pipelines/src/runtimeConfig.shared.ts +++ b/clients/client-chime-sdk-media-pipelines/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeSDKMediaPipelinesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeSDKMediaPipelinesClientConfig } from "./ChimeSDKMediaPipelinesClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeSDKMediaPipelinesClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeSDKMediaPipelinesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime SDK Media Pipelines", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime-sdk-media-pipelines/src/runtimeExtensions.ts b/clients/client-chime-sdk-media-pipelines/src/runtimeExtensions.ts index 804c46b7cf6cb..022d931ba46fb 100644 --- a/clients/client-chime-sdk-media-pipelines/src/runtimeExtensions.ts +++ b/clients/client-chime-sdk-media-pipelines/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeSDKMediaPipelinesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime-sdk-meetings/package.json b/clients/client-chime-sdk-meetings/package.json index b262af295f9c6..c90ee4d460ffe 100644 --- a/clients/client-chime-sdk-meetings/package.json +++ b/clients/client-chime-sdk-meetings/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-chime-sdk-meetings/src/ChimeSDKMeetingsClient.ts b/clients/client-chime-sdk-meetings/src/ChimeSDKMeetingsClient.ts index ec001f7a05d7a..6ed2cee5d3033 100644 --- a/clients/client-chime-sdk-meetings/src/ChimeSDKMeetingsClient.ts +++ b/clients/client-chime-sdk-meetings/src/ChimeSDKMeetingsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeSDKMeetingsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreateAttendeeCommandInput, BatchCreateAttendeeCommandOutput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type ChimeSDKMeetingsClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type ChimeSDKMeetingsClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -332,8 +338,8 @@ export class ChimeSDKMeetingsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -342,8 +348,14 @@ export class ChimeSDKMeetingsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -354,4 +366,13 @@ export class ChimeSDKMeetingsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeSDKMeetingsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeSDKMeetingsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime-sdk-meetings/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime-sdk-meetings/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..973e858588548 --- /dev/null +++ b/clients/client-chime-sdk-meetings/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeSDKMeetingsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMeetingsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeSDKMeetingsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeSDKMeetingsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMeetingsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeSDKMeetingsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime-sdk-meetings/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime-sdk-meetings/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5672c44cb7e72 --- /dev/null +++ b/clients/client-chime-sdk-meetings/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ChimeSDKMeetingsClientConfig, ChimeSDKMeetingsClientResolvedConfig } from "../ChimeSDKMeetingsClient"; + +/** + * @internal + */ +export interface ChimeSDKMeetingsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeSDKMeetingsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeSDKMeetingsClientResolvedConfig, + HandlerExecutionContext, + ChimeSDKMeetingsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeSDKMeetingsHttpAuthSchemeParametersProvider = async ( + config: ChimeSDKMeetingsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ChimeSDKMeetingsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeSDKMeetingsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeSDKMeetingsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeSDKMeetingsHttpAuthSchemeProvider: ChimeSDKMeetingsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeSDKMeetingsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeSDKMeetingsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime-sdk-meetings/src/extensionConfiguration.ts b/clients/client-chime-sdk-meetings/src/extensionConfiguration.ts index 274dce17e50c6..b174f28443df8 100644 --- a/clients/client-chime-sdk-meetings/src/extensionConfiguration.ts +++ b/clients/client-chime-sdk-meetings/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeSDKMeetingsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime-sdk-meetings/src/runtimeConfig.shared.ts b/clients/client-chime-sdk-meetings/src/runtimeConfig.shared.ts index 33a411206321a..06b535b81aaf1 100644 --- a/clients/client-chime-sdk-meetings/src/runtimeConfig.shared.ts +++ b/clients/client-chime-sdk-meetings/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeSDKMeetingsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeSDKMeetingsClientConfig } from "./ChimeSDKMeetingsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeSDKMeetingsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeSDKMeetingsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime SDK Meetings", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime-sdk-meetings/src/runtimeExtensions.ts b/clients/client-chime-sdk-meetings/src/runtimeExtensions.ts index 6e065ad731221..c9aba2d94ead7 100644 --- a/clients/client-chime-sdk-meetings/src/runtimeExtensions.ts +++ b/clients/client-chime-sdk-meetings/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeSDKMeetingsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime-sdk-messaging/package.json b/clients/client-chime-sdk-messaging/package.json index 286af53d786b0..5a0bb77076efc 100644 --- a/clients/client-chime-sdk-messaging/package.json +++ b/clients/client-chime-sdk-messaging/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-chime-sdk-messaging/src/ChimeSDKMessagingClient.ts b/clients/client-chime-sdk-messaging/src/ChimeSDKMessagingClient.ts index 281682b2ee160..9a6896e92fa53 100644 --- a/clients/client-chime-sdk-messaging/src/ChimeSDKMessagingClient.ts +++ b/clients/client-chime-sdk-messaging/src/ChimeSDKMessagingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeSDKMessagingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateChannelFlowCommandInput, AssociateChannelFlowCommandOutput, @@ -405,21 +410,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -458,8 +464,8 @@ export type ChimeSDKMessagingClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -478,8 +484,8 @@ export type ChimeSDKMessagingClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -513,8 +519,8 @@ export class ChimeSDKMessagingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -523,8 +529,14 @@ export class ChimeSDKMessagingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -535,4 +547,13 @@ export class ChimeSDKMessagingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeSDKMessagingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeSDKMessagingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime-sdk-messaging/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime-sdk-messaging/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..23c312bac843f --- /dev/null +++ b/clients/client-chime-sdk-messaging/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeSDKMessagingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMessagingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeSDKMessagingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeSDKMessagingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKMessagingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeSDKMessagingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime-sdk-messaging/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime-sdk-messaging/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fc2ed8ea04189 --- /dev/null +++ b/clients/client-chime-sdk-messaging/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ChimeSDKMessagingClientConfig, ChimeSDKMessagingClientResolvedConfig } from "../ChimeSDKMessagingClient"; + +/** + * @internal + */ +export interface ChimeSDKMessagingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeSDKMessagingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeSDKMessagingClientResolvedConfig, + HandlerExecutionContext, + ChimeSDKMessagingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeSDKMessagingHttpAuthSchemeParametersProvider = async ( + config: ChimeSDKMessagingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ChimeSDKMessagingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeSDKMessagingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeSDKMessagingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeSDKMessagingHttpAuthSchemeProvider: ChimeSDKMessagingHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeSDKMessagingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeSDKMessagingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime-sdk-messaging/src/extensionConfiguration.ts b/clients/client-chime-sdk-messaging/src/extensionConfiguration.ts index 6adb38ad20b23..9e0bdd27e40f4 100644 --- a/clients/client-chime-sdk-messaging/src/extensionConfiguration.ts +++ b/clients/client-chime-sdk-messaging/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeSDKMessagingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime-sdk-messaging/src/runtimeConfig.shared.ts b/clients/client-chime-sdk-messaging/src/runtimeConfig.shared.ts index a25805cd94e20..590f6ca264818 100644 --- a/clients/client-chime-sdk-messaging/src/runtimeConfig.shared.ts +++ b/clients/client-chime-sdk-messaging/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeSDKMessagingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeSDKMessagingClientConfig } from "./ChimeSDKMessagingClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeSDKMessagingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeSDKMessagingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime SDK Messaging", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime-sdk-messaging/src/runtimeExtensions.ts b/clients/client-chime-sdk-messaging/src/runtimeExtensions.ts index 38003a2426c8f..018ac4995b22f 100644 --- a/clients/client-chime-sdk-messaging/src/runtimeExtensions.ts +++ b/clients/client-chime-sdk-messaging/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeSDKMessagingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime-sdk-voice/package.json b/clients/client-chime-sdk-voice/package.json index 2f5a703a0e4dd..32d6e4ef44373 100644 --- a/clients/client-chime-sdk-voice/package.json +++ b/clients/client-chime-sdk-voice/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-chime-sdk-voice/src/ChimeSDKVoiceClient.ts b/clients/client-chime-sdk-voice/src/ChimeSDKVoiceClient.ts index 95f3140ec1187..136dd81774888 100644 --- a/clients/client-chime-sdk-voice/src/ChimeSDKVoiceClient.ts +++ b/clients/client-chime-sdk-voice/src/ChimeSDKVoiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeSDKVoiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociatePhoneNumbersWithVoiceConnectorCommandInput, AssociatePhoneNumbersWithVoiceConnectorCommandOutput, @@ -642,21 +647,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -695,8 +701,8 @@ export type ChimeSDKVoiceClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -715,8 +721,8 @@ export type ChimeSDKVoiceClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -748,8 +754,8 @@ export class ChimeSDKVoiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -758,8 +764,14 @@ export class ChimeSDKVoiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -770,4 +782,13 @@ export class ChimeSDKVoiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeSDKVoiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeSDKVoiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime-sdk-voice/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime-sdk-voice/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8f0260cf7fcd3 --- /dev/null +++ b/clients/client-chime-sdk-voice/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeSDKVoiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKVoiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeSDKVoiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeSDKVoiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeSDKVoiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeSDKVoiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime-sdk-voice/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime-sdk-voice/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2ee3e781ae9ec --- /dev/null +++ b/clients/client-chime-sdk-voice/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ChimeSDKVoiceClientConfig, ChimeSDKVoiceClientResolvedConfig } from "../ChimeSDKVoiceClient"; + +/** + * @internal + */ +export interface ChimeSDKVoiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeSDKVoiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeSDKVoiceClientResolvedConfig, + HandlerExecutionContext, + ChimeSDKVoiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeSDKVoiceHttpAuthSchemeParametersProvider = async ( + config: ChimeSDKVoiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ChimeSDKVoiceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeSDKVoiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeSDKVoiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeSDKVoiceHttpAuthSchemeProvider: ChimeSDKVoiceHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeSDKVoiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeSDKVoiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime-sdk-voice/src/extensionConfiguration.ts b/clients/client-chime-sdk-voice/src/extensionConfiguration.ts index 404a39c80572e..cc856b66b68cb 100644 --- a/clients/client-chime-sdk-voice/src/extensionConfiguration.ts +++ b/clients/client-chime-sdk-voice/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeSDKVoiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime-sdk-voice/src/runtimeConfig.shared.ts b/clients/client-chime-sdk-voice/src/runtimeConfig.shared.ts index cffe3f1e0a186..3c3e0b2fc1031 100644 --- a/clients/client-chime-sdk-voice/src/runtimeConfig.shared.ts +++ b/clients/client-chime-sdk-voice/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeSDKVoiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeSDKVoiceClientConfig } from "./ChimeSDKVoiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeSDKVoiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeSDKVoiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime SDK Voice", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime-sdk-voice/src/runtimeExtensions.ts b/clients/client-chime-sdk-voice/src/runtimeExtensions.ts index 510d5711bce8f..0a1483a33a877 100644 --- a/clients/client-chime-sdk-voice/src/runtimeExtensions.ts +++ b/clients/client-chime-sdk-voice/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeSDKVoiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-chime/package.json b/clients/client-chime/package.json index 6d1e36598df9e..f779bc9cf6b90 100644 --- a/clients/client-chime/package.json +++ b/clients/client-chime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-chime/src/ChimeClient.ts b/clients/client-chime/src/ChimeClient.ts index b604a0b68688f..bab9faad395ec 100644 --- a/clients/client-chime/src/ChimeClient.ts +++ b/clients/client-chime/src/ChimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultChimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociatePhoneNumbersWithVoiceConnectorCommandInput, AssociatePhoneNumbersWithVoiceConnectorCommandOutput, @@ -1074,21 +1079,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1127,8 +1133,8 @@ export type ChimeClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1147,8 +1153,8 @@ export type ChimeClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1223,8 +1229,8 @@ export class ChimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1233,8 +1239,14 @@ export class ChimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1245,4 +1257,13 @@ export class ChimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultChimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ChimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-chime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-chime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5ebdb013776c9 --- /dev/null +++ b/clients/client-chime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ChimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ChimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ChimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ChimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ChimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-chime/src/auth/httpAuthSchemeProvider.ts b/clients/client-chime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..97dcb0eefab0c --- /dev/null +++ b/clients/client-chime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ChimeClientConfig, ChimeClientResolvedConfig } from "../ChimeClient"; + +/** + * @internal + */ +export interface ChimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ChimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ChimeClientResolvedConfig, + HandlerExecutionContext, + ChimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultChimeHttpAuthSchemeParametersProvider = async ( + config: ChimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ChimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "chime", + region: authParameters.region, + }, + propertiesExtractor: (config: ChimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ChimeHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultChimeHttpAuthSchemeProvider: ChimeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ChimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ChimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-chime/src/extensionConfiguration.ts b/clients/client-chime/src/extensionConfiguration.ts index 8fc2876008e14..52691c56f8c55 100644 --- a/clients/client-chime/src/extensionConfiguration.ts +++ b/clients/client-chime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ChimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-chime/src/runtimeConfig.shared.ts b/clients/client-chime/src/runtimeConfig.shared.ts index d02ebdd8f65f4..f51e31f908f19 100644 --- a/clients/client-chime/src/runtimeConfig.shared.ts +++ b/clients/client-chime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultChimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ChimeClientConfig } from "./ChimeClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ChimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultChimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Chime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-chime/src/runtimeExtensions.ts b/clients/client-chime/src/runtimeExtensions.ts index 76d4cf2d47dd8..7dee17cf74678 100644 --- a/clients/client-chime/src/runtimeExtensions.ts +++ b/clients/client-chime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ChimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cleanrooms/package.json b/clients/client-cleanrooms/package.json index 33a183ee28d6a..b0278f54b829c 100644 --- a/clients/client-cleanrooms/package.json +++ b/clients/client-cleanrooms/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cleanrooms/src/CleanRoomsClient.ts b/clients/client-cleanrooms/src/CleanRoomsClient.ts index 1dc27b68f0881..68466558bc38f 100644 --- a/clients/client-cleanrooms/src/CleanRoomsClient.ts +++ b/clients/client-cleanrooms/src/CleanRoomsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCleanRoomsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetCollaborationAnalysisTemplateCommandInput, BatchGetCollaborationAnalysisTemplateCommandOutput, @@ -477,21 +482,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -530,8 +536,8 @@ export type CleanRoomsClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -550,8 +556,8 @@ export type CleanRoomsClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -590,8 +596,8 @@ export class CleanRoomsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -600,8 +606,14 @@ export class CleanRoomsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -612,4 +624,13 @@ export class CleanRoomsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCleanRoomsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CleanRoomsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cleanrooms/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cleanrooms/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3b5d1077c38f0 --- /dev/null +++ b/clients/client-cleanrooms/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CleanRoomsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CleanRoomsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CleanRoomsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CleanRoomsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CleanRoomsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CleanRoomsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cleanrooms/src/auth/httpAuthSchemeProvider.ts b/clients/client-cleanrooms/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5ab2799ea1268 --- /dev/null +++ b/clients/client-cleanrooms/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CleanRoomsClientConfig, CleanRoomsClientResolvedConfig } from "../CleanRoomsClient"; + +/** + * @internal + */ +export interface CleanRoomsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CleanRoomsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CleanRoomsClientResolvedConfig, + HandlerExecutionContext, + CleanRoomsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCleanRoomsHttpAuthSchemeParametersProvider = async ( + config: CleanRoomsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CleanRoomsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cleanrooms", + region: authParameters.region, + }, + propertiesExtractor: (config: CleanRoomsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CleanRoomsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCleanRoomsHttpAuthSchemeProvider: CleanRoomsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CleanRoomsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CleanRoomsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cleanrooms/src/extensionConfiguration.ts b/clients/client-cleanrooms/src/extensionConfiguration.ts index a65675505443e..8afec0941688e 100644 --- a/clients/client-cleanrooms/src/extensionConfiguration.ts +++ b/clients/client-cleanrooms/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CleanRoomsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cleanrooms/src/runtimeConfig.shared.ts b/clients/client-cleanrooms/src/runtimeConfig.shared.ts index 13d928723dcee..5110bdc09af28 100644 --- a/clients/client-cleanrooms/src/runtimeConfig.shared.ts +++ b/clients/client-cleanrooms/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCleanRoomsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CleanRoomsClientConfig } from "./CleanRoomsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CleanRoomsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCleanRoomsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CleanRooms", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cleanrooms/src/runtimeExtensions.ts b/clients/client-cleanrooms/src/runtimeExtensions.ts index 3d0a2de58c7f2..c990536bea891 100644 --- a/clients/client-cleanrooms/src/runtimeExtensions.ts +++ b/clients/client-cleanrooms/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CleanRoomsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cleanroomsml/package.json b/clients/client-cleanroomsml/package.json index 38244a288e29b..5ac8c445f1d0a 100644 --- a/clients/client-cleanroomsml/package.json +++ b/clients/client-cleanroomsml/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cleanroomsml/src/CleanRoomsMLClient.ts b/clients/client-cleanroomsml/src/CleanRoomsMLClient.ts index ea90891d1a6e3..e67971beefbc9 100644 --- a/clients/client-cleanroomsml/src/CleanRoomsMLClient.ts +++ b/clients/client-cleanroomsml/src/CleanRoomsMLClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCleanRoomsMLHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAudienceModelCommandInput, CreateAudienceModelCommandOutput, @@ -291,21 +296,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -344,8 +350,8 @@ export type CleanRoomsMLClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -364,8 +370,8 @@ export type CleanRoomsMLClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -401,8 +407,8 @@ export class CleanRoomsMLClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -411,8 +417,14 @@ export class CleanRoomsMLClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -423,4 +435,13 @@ export class CleanRoomsMLClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCleanRoomsMLHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CleanRoomsMLClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cleanroomsml/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cleanroomsml/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d2b927c93a69e --- /dev/null +++ b/clients/client-cleanroomsml/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CleanRoomsMLHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CleanRoomsMLHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CleanRoomsMLHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CleanRoomsMLHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CleanRoomsMLHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CleanRoomsMLHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cleanroomsml/src/auth/httpAuthSchemeProvider.ts b/clients/client-cleanroomsml/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1ee48060e8417 --- /dev/null +++ b/clients/client-cleanroomsml/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CleanRoomsMLClientConfig, CleanRoomsMLClientResolvedConfig } from "../CleanRoomsMLClient"; + +/** + * @internal + */ +export interface CleanRoomsMLHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CleanRoomsMLHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CleanRoomsMLClientResolvedConfig, + HandlerExecutionContext, + CleanRoomsMLHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCleanRoomsMLHttpAuthSchemeParametersProvider = async ( + config: CleanRoomsMLClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CleanRoomsMLHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cleanrooms-ml", + region: authParameters.region, + }, + propertiesExtractor: (config: CleanRoomsMLClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CleanRoomsMLHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCleanRoomsMLHttpAuthSchemeProvider: CleanRoomsMLHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CleanRoomsMLHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CleanRoomsMLHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cleanroomsml/src/extensionConfiguration.ts b/clients/client-cleanroomsml/src/extensionConfiguration.ts index 0deaa008a95f3..74a22716c9661 100644 --- a/clients/client-cleanroomsml/src/extensionConfiguration.ts +++ b/clients/client-cleanroomsml/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CleanRoomsMLExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cleanroomsml/src/runtimeConfig.shared.ts b/clients/client-cleanroomsml/src/runtimeConfig.shared.ts index 1da3c5f2dbb45..46fd934ae9b0b 100644 --- a/clients/client-cleanroomsml/src/runtimeConfig.shared.ts +++ b/clients/client-cleanroomsml/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCleanRoomsMLHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CleanRoomsMLClientConfig } from "./CleanRoomsMLClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CleanRoomsMLClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCleanRoomsMLHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CleanRoomsML", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cleanroomsml/src/runtimeExtensions.ts b/clients/client-cleanroomsml/src/runtimeExtensions.ts index fcdca419361f1..ae74b86401f4c 100644 --- a/clients/client-cleanroomsml/src/runtimeExtensions.ts +++ b/clients/client-cleanroomsml/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CleanRoomsMLExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloud9/package.json b/clients/client-cloud9/package.json index 8e6c7da75f744..8ee6a771a34a6 100644 --- a/clients/client-cloud9/package.json +++ b/clients/client-cloud9/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloud9/src/Cloud9Client.ts b/clients/client-cloud9/src/Cloud9Client.ts index 67cd159d85237..9f9ba4c9af2c7 100644 --- a/clients/client-cloud9/src/Cloud9Client.ts +++ b/clients/client-cloud9/src/Cloud9Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloud9HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateEnvironmentEC2CommandInput, CreateEnvironmentEC2CommandOutput, @@ -219,21 +224,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -272,8 +278,8 @@ export type Cloud9ClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export type Cloud9ClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -390,8 +396,8 @@ export class Cloud9Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -400,8 +406,14 @@ export class Cloud9Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -412,4 +424,13 @@ export class Cloud9Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloud9HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Cloud9ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloud9/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloud9/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9c60ee88d90ba --- /dev/null +++ b/clients/client-cloud9/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Cloud9HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Cloud9HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Cloud9HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Cloud9HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Cloud9HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Cloud9HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloud9/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloud9/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e8a500f0031cc --- /dev/null +++ b/clients/client-cloud9/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { Cloud9ClientConfig, Cloud9ClientResolvedConfig } from "../Cloud9Client"; + +/** + * @internal + */ +export interface Cloud9HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Cloud9HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Cloud9ClientResolvedConfig, + HandlerExecutionContext, + Cloud9HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloud9HttpAuthSchemeParametersProvider = async ( + config: Cloud9ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: Cloud9HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloud9", + region: authParameters.region, + }, + propertiesExtractor: (config: Cloud9ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Cloud9HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloud9HttpAuthSchemeProvider: Cloud9HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Cloud9HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Cloud9HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloud9/src/extensionConfiguration.ts b/clients/client-cloud9/src/extensionConfiguration.ts index ca6be693a3032..70e20ba22d857 100644 --- a/clients/client-cloud9/src/extensionConfiguration.ts +++ b/clients/client-cloud9/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Cloud9ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloud9/src/runtimeConfig.shared.ts b/clients/client-cloud9/src/runtimeConfig.shared.ts index 2f90d9401efc8..ebe58e5c16296 100644 --- a/clients/client-cloud9/src/runtimeConfig.shared.ts +++ b/clients/client-cloud9/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloud9HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { Cloud9ClientConfig } from "./Cloud9Client"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Cloud9ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloud9HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cloud9", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloud9/src/runtimeExtensions.ts b/clients/client-cloud9/src/runtimeExtensions.ts index 96a80ed8c015b..3ec5f21f8f895 100644 --- a/clients/client-cloud9/src/runtimeExtensions.ts +++ b/clients/client-cloud9/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Cloud9ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudcontrol/package.json b/clients/client-cloudcontrol/package.json index 9d43599458368..eab26a4bbcb2e 100644 --- a/clients/client-cloudcontrol/package.json +++ b/clients/client-cloudcontrol/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-cloudcontrol/src/CloudControlClient.ts b/clients/client-cloudcontrol/src/CloudControlClient.ts index 71301cead30e3..48aa66d6d522e 100644 --- a/clients/client-cloudcontrol/src/CloudControlClient.ts +++ b/clients/client-cloudcontrol/src/CloudControlClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudControlHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelResourceRequestCommandInput, CancelResourceRequestCommandOutput, @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type CloudControlClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type CloudControlClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -295,8 +301,8 @@ export class CloudControlClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -305,8 +311,14 @@ export class CloudControlClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -317,4 +329,13 @@ export class CloudControlClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudControlHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudControlClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudcontrol/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudcontrol/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..58634868b77a2 --- /dev/null +++ b/clients/client-cloudcontrol/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudControlHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudControlHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudControlHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudControlHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudControlHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudControlHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudcontrol/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudcontrol/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..201066c1e36e0 --- /dev/null +++ b/clients/client-cloudcontrol/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudControlClientConfig, CloudControlClientResolvedConfig } from "../CloudControlClient"; + +/** + * @internal + */ +export interface CloudControlHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudControlHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudControlClientResolvedConfig, + HandlerExecutionContext, + CloudControlHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudControlHttpAuthSchemeParametersProvider = async ( + config: CloudControlClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudControlHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudcontrolapi", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudControlClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudControlHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudControlHttpAuthSchemeProvider: CloudControlHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudControlHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudControlHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudcontrol/src/extensionConfiguration.ts b/clients/client-cloudcontrol/src/extensionConfiguration.ts index bad4554f4aa83..f32083a87d69b 100644 --- a/clients/client-cloudcontrol/src/extensionConfiguration.ts +++ b/clients/client-cloudcontrol/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudControlExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudcontrol/src/runtimeConfig.shared.ts b/clients/client-cloudcontrol/src/runtimeConfig.shared.ts index 660c5c5d27a92..e00ecd64e6b0a 100644 --- a/clients/client-cloudcontrol/src/runtimeConfig.shared.ts +++ b/clients/client-cloudcontrol/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudControlHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudControlClientConfig } from "./CloudControlClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudControlClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudControlHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudControl", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudcontrol/src/runtimeExtensions.ts b/clients/client-cloudcontrol/src/runtimeExtensions.ts index 0181f027d5d1b..728d68057ad7b 100644 --- a/clients/client-cloudcontrol/src/runtimeExtensions.ts +++ b/clients/client-cloudcontrol/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudControlExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-clouddirectory/package.json b/clients/client-clouddirectory/package.json index 1ffdea9e7337b..9ce13e6ccb354 100644 --- a/clients/client-clouddirectory/package.json +++ b/clients/client-clouddirectory/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-clouddirectory/src/CloudDirectoryClient.ts b/clients/client-clouddirectory/src/CloudDirectoryClient.ts index 7ea9c33a1384d..4b734dbdb9718 100644 --- a/clients/client-clouddirectory/src/CloudDirectoryClient.ts +++ b/clients/client-clouddirectory/src/CloudDirectoryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudDirectoryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddFacetToObjectCommandInput, AddFacetToObjectCommandOutput } from "./commands/AddFacetToObjectCommand"; import { ApplySchemaCommandInput, ApplySchemaCommandOutput } from "./commands/ApplySchemaCommand"; import { AttachObjectCommandInput, AttachObjectCommandOutput } from "./commands/AttachObjectCommand"; @@ -432,21 +437,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -485,8 +491,8 @@ export type CloudDirectoryClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -505,8 +511,8 @@ export type CloudDirectoryClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -542,8 +548,8 @@ export class CloudDirectoryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -552,8 +558,14 @@ export class CloudDirectoryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -564,4 +576,13 @@ export class CloudDirectoryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudDirectoryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudDirectoryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-clouddirectory/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-clouddirectory/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2869578ac803c --- /dev/null +++ b/clients/client-clouddirectory/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudDirectoryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudDirectoryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudDirectoryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudDirectoryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudDirectoryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudDirectoryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-clouddirectory/src/auth/httpAuthSchemeProvider.ts b/clients/client-clouddirectory/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f3be9a668cd46 --- /dev/null +++ b/clients/client-clouddirectory/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudDirectoryClientConfig, CloudDirectoryClientResolvedConfig } from "../CloudDirectoryClient"; + +/** + * @internal + */ +export interface CloudDirectoryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudDirectoryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudDirectoryClientResolvedConfig, + HandlerExecutionContext, + CloudDirectoryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudDirectoryHttpAuthSchemeParametersProvider = async ( + config: CloudDirectoryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudDirectoryHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "clouddirectory", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudDirectoryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudDirectoryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudDirectoryHttpAuthSchemeProvider: CloudDirectoryHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudDirectoryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudDirectoryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-clouddirectory/src/extensionConfiguration.ts b/clients/client-clouddirectory/src/extensionConfiguration.ts index c52b8720d79c8..849562a31dcf3 100644 --- a/clients/client-clouddirectory/src/extensionConfiguration.ts +++ b/clients/client-clouddirectory/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudDirectoryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-clouddirectory/src/runtimeConfig.shared.ts b/clients/client-clouddirectory/src/runtimeConfig.shared.ts index 406f14827468f..396f20f50dc69 100644 --- a/clients/client-clouddirectory/src/runtimeConfig.shared.ts +++ b/clients/client-clouddirectory/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudDirectoryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudDirectoryClientConfig } from "./CloudDirectoryClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudDirectoryClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudDirectoryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudDirectory", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-clouddirectory/src/runtimeExtensions.ts b/clients/client-clouddirectory/src/runtimeExtensions.ts index 40661eff0c9d0..d3a0d9a83652e 100644 --- a/clients/client-clouddirectory/src/runtimeExtensions.ts +++ b/clients/client-clouddirectory/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudDirectoryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudformation/package.json b/clients/client-cloudformation/package.json index 62ed379244630..c8c03b86a2f5b 100644 --- a/clients/client-cloudformation/package.json +++ b/clients/client-cloudformation/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-cloudformation/src/CloudFormationClient.ts b/clients/client-cloudformation/src/CloudFormationClient.ts index 9481364fc655b..0651436a0e47e 100644 --- a/clients/client-cloudformation/src/CloudFormationClient.ts +++ b/clients/client-cloudformation/src/CloudFormationClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudFormationHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivateOrganizationsAccessCommandInput, ActivateOrganizationsAccessCommandOutput, @@ -519,21 +524,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -572,8 +578,8 @@ export type CloudFormationClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -592,8 +598,8 @@ export type CloudFormationClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -633,8 +639,8 @@ export class CloudFormationClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -643,8 +649,14 @@ export class CloudFormationClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -655,4 +667,13 @@ export class CloudFormationClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudFormationHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudFormationClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudformation/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudformation/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..821123af4166f --- /dev/null +++ b/clients/client-cloudformation/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudFormationHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFormationHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudFormationHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudFormationHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFormationHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudFormationHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudformation/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudformation/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a428c0c7c896b --- /dev/null +++ b/clients/client-cloudformation/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudFormationClientConfig, CloudFormationClientResolvedConfig } from "../CloudFormationClient"; + +/** + * @internal + */ +export interface CloudFormationHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudFormationHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudFormationClientResolvedConfig, + HandlerExecutionContext, + CloudFormationHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudFormationHttpAuthSchemeParametersProvider = async ( + config: CloudFormationClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudFormationHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudformation", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudFormationClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudFormationHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudFormationHttpAuthSchemeProvider: CloudFormationHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudFormationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudFormationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudformation/src/extensionConfiguration.ts b/clients/client-cloudformation/src/extensionConfiguration.ts index fb5d79a14e412..c3ba57defefd5 100644 --- a/clients/client-cloudformation/src/extensionConfiguration.ts +++ b/clients/client-cloudformation/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudFormationExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudformation/src/runtimeConfig.shared.ts b/clients/client-cloudformation/src/runtimeConfig.shared.ts index 05dbb158b7fe0..38693b4a52f47 100644 --- a/clients/client-cloudformation/src/runtimeConfig.shared.ts +++ b/clients/client-cloudformation/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudFormationHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudFormationClientConfig } from "./CloudFormationClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudFormationClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudFormationHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudFormation", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudformation/src/runtimeExtensions.ts b/clients/client-cloudformation/src/runtimeExtensions.ts index 02f77d9e00fcd..66752e00ec182 100644 --- a/clients/client-cloudformation/src/runtimeExtensions.ts +++ b/clients/client-cloudformation/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudFormationExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudfront-keyvaluestore/package.json b/clients/client-cloudfront-keyvaluestore/package.json index f01d75233800b..5e30d1164cc95 100644 --- a/clients/client-cloudfront-keyvaluestore/package.json +++ b/clients/client-cloudfront-keyvaluestore/package.json @@ -35,7 +35,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,7 +54,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-cloudfront/package.json b/clients/client-cloudfront/package.json index 8a6f5e0dee740..3c2e2499721ad 100644 --- a/clients/client-cloudfront/package.json +++ b/clients/client-cloudfront/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-node": "*", "@aws-sdk/xml-builder": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-cloudfront/src/CloudFrontClient.ts b/clients/client-cloudfront/src/CloudFrontClient.ts index e57bb11c31c7d..b72860acba156 100644 --- a/clients/client-cloudfront/src/CloudFrontClient.ts +++ b/clients/client-cloudfront/src/CloudFrontClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudFrontHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAliasCommandInput, AssociateAliasCommandOutput } from "./commands/AssociateAliasCommand"; import { CopyDistributionCommandInput, CopyDistributionCommandOutput } from "./commands/CopyDistributionCommand"; import { CreateCachePolicyCommandInput, CreateCachePolicyCommandOutput } from "./commands/CreateCachePolicyCommand"; @@ -708,21 +713,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -761,8 +767,8 @@ export type CloudFrontClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -781,8 +787,8 @@ export type CloudFrontClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -817,8 +823,8 @@ export class CloudFrontClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -827,8 +833,14 @@ export class CloudFrontClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -839,4 +851,13 @@ export class CloudFrontClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudFrontHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudFrontClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudfront/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudfront/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e01d6e628b699 --- /dev/null +++ b/clients/client-cloudfront/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudFrontHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFrontHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudFrontHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudFrontHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudFrontHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudFrontHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudfront/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudfront/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c983964ff9321 --- /dev/null +++ b/clients/client-cloudfront/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudFrontClientConfig, CloudFrontClientResolvedConfig } from "../CloudFrontClient"; + +/** + * @internal + */ +export interface CloudFrontHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudFrontHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudFrontClientResolvedConfig, + HandlerExecutionContext, + CloudFrontHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudFrontHttpAuthSchemeParametersProvider = async ( + config: CloudFrontClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudFrontHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudfront", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudFrontClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudFrontHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudFrontHttpAuthSchemeProvider: CloudFrontHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudFrontHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudFrontHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudfront/src/extensionConfiguration.ts b/clients/client-cloudfront/src/extensionConfiguration.ts index 92a4a234bdbcf..2e79be3b3c9d1 100644 --- a/clients/client-cloudfront/src/extensionConfiguration.ts +++ b/clients/client-cloudfront/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudFrontExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudfront/src/runtimeConfig.shared.ts b/clients/client-cloudfront/src/runtimeConfig.shared.ts index 71c5979a7ead2..5e283f483853a 100644 --- a/clients/client-cloudfront/src/runtimeConfig.shared.ts +++ b/clients/client-cloudfront/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudFrontHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudFrontClientConfig } from "./CloudFrontClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudFrontClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudFrontHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudFront", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudfront/src/runtimeExtensions.ts b/clients/client-cloudfront/src/runtimeExtensions.ts index 802d54d691fb9..16f437d0a61bd 100644 --- a/clients/client-cloudfront/src/runtimeExtensions.ts +++ b/clients/client-cloudfront/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudFrontExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudhsm-v2/package.json b/clients/client-cloudhsm-v2/package.json index 4612129e5f0cc..061ad62bca422 100644 --- a/clients/client-cloudhsm-v2/package.json +++ b/clients/client-cloudhsm-v2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudhsm-v2/src/CloudHSMV2Client.ts b/clients/client-cloudhsm-v2/src/CloudHSMV2Client.ts index 92028f42e6a14..195d3cb9caade 100644 --- a/clients/client-cloudhsm-v2/src/CloudHSMV2Client.ts +++ b/clients/client-cloudhsm-v2/src/CloudHSMV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudHSMV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CopyBackupToRegionCommandInput, CopyBackupToRegionCommandOutput } from "./commands/CopyBackupToRegionCommand"; import { CreateClusterCommandInput, CreateClusterCommandOutput } from "./commands/CreateClusterCommand"; import { CreateHsmCommandInput, CreateHsmCommandOutput } from "./commands/CreateHsmCommand"; @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type CloudHSMV2ClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type CloudHSMV2ClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export class CloudHSMV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -320,8 +326,14 @@ export class CloudHSMV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -332,4 +344,13 @@ export class CloudHSMV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudHSMV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudHSMV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudhsm-v2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudhsm-v2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..aee25773b91f4 --- /dev/null +++ b/clients/client-cloudhsm-v2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudHSMV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudHSMV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudHSMV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudHSMV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudHSMV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudHSMV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudhsm-v2/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudhsm-v2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fb747cfb11ca7 --- /dev/null +++ b/clients/client-cloudhsm-v2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudHSMV2ClientConfig, CloudHSMV2ClientResolvedConfig } from "../CloudHSMV2Client"; + +/** + * @internal + */ +export interface CloudHSMV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudHSMV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudHSMV2ClientResolvedConfig, + HandlerExecutionContext, + CloudHSMV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudHSMV2HttpAuthSchemeParametersProvider = async ( + config: CloudHSMV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudHSMV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudhsm", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudHSMV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudHSMV2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudHSMV2HttpAuthSchemeProvider: CloudHSMV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudHSMV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudHSMV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudhsm-v2/src/extensionConfiguration.ts b/clients/client-cloudhsm-v2/src/extensionConfiguration.ts index f277a1149b6fc..103c8575b7c36 100644 --- a/clients/client-cloudhsm-v2/src/extensionConfiguration.ts +++ b/clients/client-cloudhsm-v2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudHSMV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudhsm-v2/src/runtimeConfig.shared.ts b/clients/client-cloudhsm-v2/src/runtimeConfig.shared.ts index 0e3e5f9e049ec..1e705450564b7 100644 --- a/clients/client-cloudhsm-v2/src/runtimeConfig.shared.ts +++ b/clients/client-cloudhsm-v2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudHSMV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudHSMV2ClientConfig } from "./CloudHSMV2Client"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudHSMV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudHSMV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudHSM V2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudhsm-v2/src/runtimeExtensions.ts b/clients/client-cloudhsm-v2/src/runtimeExtensions.ts index 98e403226c04f..73c5a05619313 100644 --- a/clients/client-cloudhsm-v2/src/runtimeExtensions.ts +++ b/clients/client-cloudhsm-v2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudHSMV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudhsm/package.json b/clients/client-cloudhsm/package.json index c5ee2cb8a45c1..b20db96f16dc4 100644 --- a/clients/client-cloudhsm/package.json +++ b/clients/client-cloudhsm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudhsm/src/CloudHSMClient.ts b/clients/client-cloudhsm/src/CloudHSMClient.ts index a940ffbc18bf2..7d7498e42afb3 100644 --- a/clients/client-cloudhsm/src/CloudHSMClient.ts +++ b/clients/client-cloudhsm/src/CloudHSMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudHSMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToResourceCommandInput, AddTagsToResourceCommandOutput } from "./commands/AddTagsToResourceCommand"; import { CreateHapgCommandInput, CreateHapgCommandOutput } from "./commands/CreateHapgCommand"; import { CreateHsmCommandInput, CreateHsmCommandOutput } from "./commands/CreateHsmCommand"; @@ -222,21 +227,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -275,8 +281,8 @@ export type CloudHSMClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -295,8 +301,8 @@ export type CloudHSMClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export class CloudHSMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -347,8 +353,14 @@ export class CloudHSMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -359,4 +371,13 @@ export class CloudHSMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudHSMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudHSMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudhsm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudhsm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..75f1b524a6fbc --- /dev/null +++ b/clients/client-cloudhsm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudHSMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudHSMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudHSMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudHSMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudHSMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudHSMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudhsm/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudhsm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e1f1a2f1369d5 --- /dev/null +++ b/clients/client-cloudhsm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudHSMClientConfig, CloudHSMClientResolvedConfig } from "../CloudHSMClient"; + +/** + * @internal + */ +export interface CloudHSMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudHSMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudHSMClientResolvedConfig, + HandlerExecutionContext, + CloudHSMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudHSMHttpAuthSchemeParametersProvider = async ( + config: CloudHSMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudHSMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudhsm", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudHSMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudHSMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudHSMHttpAuthSchemeProvider: CloudHSMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudHSMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudHSMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudhsm/src/extensionConfiguration.ts b/clients/client-cloudhsm/src/extensionConfiguration.ts index 2e9a0d89e56d4..3a3528c31d853 100644 --- a/clients/client-cloudhsm/src/extensionConfiguration.ts +++ b/clients/client-cloudhsm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudHSMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudhsm/src/runtimeConfig.shared.ts b/clients/client-cloudhsm/src/runtimeConfig.shared.ts index c7fef15408896..d6ff18a12f1b6 100644 --- a/clients/client-cloudhsm/src/runtimeConfig.shared.ts +++ b/clients/client-cloudhsm/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudHSMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudHSMClientConfig } from "./CloudHSMClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudHSMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudHSMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudHSM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudhsm/src/runtimeExtensions.ts b/clients/client-cloudhsm/src/runtimeExtensions.ts index 1a2ffaeab783c..9b16655278e8b 100644 --- a/clients/client-cloudhsm/src/runtimeExtensions.ts +++ b/clients/client-cloudhsm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudHSMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudsearch-domain/package.json b/clients/client-cloudsearch-domain/package.json index 4240d10edc44a..927d54608257e 100644 --- a/clients/client-cloudsearch-domain/package.json +++ b/clients/client-cloudsearch-domain/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudsearch-domain/src/CloudSearchDomainClient.ts b/clients/client-cloudsearch-domain/src/CloudSearchDomainClient.ts index 28b3b8d00722c..90d7743203f49 100644 --- a/clients/client-cloudsearch-domain/src/CloudSearchDomainClient.ts +++ b/clients/client-cloudsearch-domain/src/CloudSearchDomainClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudSearchDomainHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { SearchCommandInput, SearchCommandOutput } from "./commands/SearchCommand"; import { SuggestCommandInput, SuggestCommandOutput } from "./commands/SuggestCommand"; import { UploadDocumentsCommandInput, UploadDocumentsCommandOutput } from "./commands/UploadDocumentsCommand"; @@ -159,21 +164,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -212,8 +218,8 @@ export type CloudSearchDomainClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -232,8 +238,8 @@ export type CloudSearchDomainClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -267,8 +273,8 @@ export class CloudSearchDomainClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -277,8 +283,14 @@ export class CloudSearchDomainClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -289,4 +301,13 @@ export class CloudSearchDomainClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudSearchDomainHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudSearchDomainClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudsearch-domain/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudsearch-domain/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..990c1e4430e83 --- /dev/null +++ b/clients/client-cloudsearch-domain/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudSearchDomainHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudSearchDomainHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudSearchDomainHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudSearchDomainHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudSearchDomainHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudSearchDomainHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudsearch-domain/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudsearch-domain/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..af165a10c0c3f --- /dev/null +++ b/clients/client-cloudsearch-domain/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudSearchDomainClientConfig, CloudSearchDomainClientResolvedConfig } from "../CloudSearchDomainClient"; + +/** + * @internal + */ +export interface CloudSearchDomainHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudSearchDomainHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudSearchDomainClientResolvedConfig, + HandlerExecutionContext, + CloudSearchDomainHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudSearchDomainHttpAuthSchemeParametersProvider = async ( + config: CloudSearchDomainClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudSearchDomainHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudsearch", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudSearchDomainClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudSearchDomainHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudSearchDomainHttpAuthSchemeProvider: CloudSearchDomainHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudSearchDomainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudSearchDomainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudsearch-domain/src/extensionConfiguration.ts b/clients/client-cloudsearch-domain/src/extensionConfiguration.ts index 8922dae42c349..12c2b21630d74 100644 --- a/clients/client-cloudsearch-domain/src/extensionConfiguration.ts +++ b/clients/client-cloudsearch-domain/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudSearchDomainExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudsearch-domain/src/runtimeConfig.shared.ts b/clients/client-cloudsearch-domain/src/runtimeConfig.shared.ts index 838e7e3d9afe9..2c572380677ca 100644 --- a/clients/client-cloudsearch-domain/src/runtimeConfig.shared.ts +++ b/clients/client-cloudsearch-domain/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudSearchDomainHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudSearchDomainClientConfig } from "./CloudSearchDomainClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudSearchDomainClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudSearchDomainHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudSearch Domain", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudsearch-domain/src/runtimeExtensions.ts b/clients/client-cloudsearch-domain/src/runtimeExtensions.ts index 6dbd64b77a99e..17cf437d45aae 100644 --- a/clients/client-cloudsearch-domain/src/runtimeExtensions.ts +++ b/clients/client-cloudsearch-domain/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudSearchDomainExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudsearch/package.json b/clients/client-cloudsearch/package.json index de9f834a60538..4fb7607b66ebc 100644 --- a/clients/client-cloudsearch/package.json +++ b/clients/client-cloudsearch/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "fast-xml-parser": "4.2.5", diff --git a/clients/client-cloudsearch/src/CloudSearchClient.ts b/clients/client-cloudsearch/src/CloudSearchClient.ts index efa7e872a11b2..739a9af031c01 100644 --- a/clients/client-cloudsearch/src/CloudSearchClient.ts +++ b/clients/client-cloudsearch/src/CloudSearchClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudSearchHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BuildSuggestersCommandInput, BuildSuggestersCommandOutput } from "./commands/BuildSuggestersCommand"; import { CreateDomainCommandInput, CreateDomainCommandOutput } from "./commands/CreateDomainCommand"; import { @@ -273,21 +278,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -326,8 +332,8 @@ export type CloudSearchClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -346,8 +352,8 @@ export type CloudSearchClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -384,8 +390,8 @@ export class CloudSearchClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -394,8 +400,14 @@ export class CloudSearchClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -406,4 +418,13 @@ export class CloudSearchClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudSearchHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudSearchClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudsearch/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudsearch/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0fb23efbcb871 --- /dev/null +++ b/clients/client-cloudsearch/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudSearchHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudSearchHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudSearchHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudSearchHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudSearchHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudSearchHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudsearch/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudsearch/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..97d7fbdb72d5a --- /dev/null +++ b/clients/client-cloudsearch/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudSearchClientConfig, CloudSearchClientResolvedConfig } from "../CloudSearchClient"; + +/** + * @internal + */ +export interface CloudSearchHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudSearchHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudSearchClientResolvedConfig, + HandlerExecutionContext, + CloudSearchHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudSearchHttpAuthSchemeParametersProvider = async ( + config: CloudSearchClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudSearchHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudsearch", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudSearchClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudSearchHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudSearchHttpAuthSchemeProvider: CloudSearchHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudSearchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudSearchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudsearch/src/extensionConfiguration.ts b/clients/client-cloudsearch/src/extensionConfiguration.ts index a55c023d9c311..60a91d431fffd 100644 --- a/clients/client-cloudsearch/src/extensionConfiguration.ts +++ b/clients/client-cloudsearch/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudSearchExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudsearch/src/runtimeConfig.shared.ts b/clients/client-cloudsearch/src/runtimeConfig.shared.ts index 464c0d3d6f6e0..baaeee5764012 100644 --- a/clients/client-cloudsearch/src/runtimeConfig.shared.ts +++ b/clients/client-cloudsearch/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudSearchHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudSearchClientConfig } from "./CloudSearchClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudSearchClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudSearchHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudSearch", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudsearch/src/runtimeExtensions.ts b/clients/client-cloudsearch/src/runtimeExtensions.ts index ed3a12ecb7492..9b74f7395426b 100644 --- a/clients/client-cloudsearch/src/runtimeExtensions.ts +++ b/clients/client-cloudsearch/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudSearchExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudtrail-data/package.json b/clients/client-cloudtrail-data/package.json index f571dc949380d..348e945d2a333 100644 --- a/clients/client-cloudtrail-data/package.json +++ b/clients/client-cloudtrail-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudtrail-data/src/CloudTrailDataClient.ts b/clients/client-cloudtrail-data/src/CloudTrailDataClient.ts index 6432bd4c78d1d..3bea43e5abd1b 100644 --- a/clients/client-cloudtrail-data/src/CloudTrailDataClient.ts +++ b/clients/client-cloudtrail-data/src/CloudTrailDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudTrailDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { PutAuditEventsCommandInput, PutAuditEventsCommandOutput } from "./commands/PutAuditEventsCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type CloudTrailDataClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type CloudTrailDataClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -267,8 +273,8 @@ export class CloudTrailDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -277,8 +283,14 @@ export class CloudTrailDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -289,4 +301,13 @@ export class CloudTrailDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudTrailDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudTrailDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudtrail-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudtrail-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..06cae9f0b099b --- /dev/null +++ b/clients/client-cloudtrail-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudTrailDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudTrailDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudTrailDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudTrailDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudTrailDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudTrailDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudtrail-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudtrail-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9adf327ce13fc --- /dev/null +++ b/clients/client-cloudtrail-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudTrailDataClientConfig, CloudTrailDataClientResolvedConfig } from "../CloudTrailDataClient"; + +/** + * @internal + */ +export interface CloudTrailDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudTrailDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudTrailDataClientResolvedConfig, + HandlerExecutionContext, + CloudTrailDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudTrailDataHttpAuthSchemeParametersProvider = async ( + config: CloudTrailDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudTrailDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudtrail-data", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudTrailDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudTrailDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudTrailDataHttpAuthSchemeProvider: CloudTrailDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudTrailDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudTrailDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudtrail-data/src/extensionConfiguration.ts b/clients/client-cloudtrail-data/src/extensionConfiguration.ts index 3cdccbccd245e..96f17dced49d7 100644 --- a/clients/client-cloudtrail-data/src/extensionConfiguration.ts +++ b/clients/client-cloudtrail-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudTrailDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudtrail-data/src/runtimeConfig.shared.ts b/clients/client-cloudtrail-data/src/runtimeConfig.shared.ts index 60a6434b1580d..17a547da3c542 100644 --- a/clients/client-cloudtrail-data/src/runtimeConfig.shared.ts +++ b/clients/client-cloudtrail-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudTrailDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudTrailDataClientConfig } from "./CloudTrailDataClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudTrailDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudTrailDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudTrail Data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudtrail-data/src/runtimeExtensions.ts b/clients/client-cloudtrail-data/src/runtimeExtensions.ts index 6ed723aa15e32..0934ab034bd5d 100644 --- a/clients/client-cloudtrail-data/src/runtimeExtensions.ts +++ b/clients/client-cloudtrail-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudTrailDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudtrail/package.json b/clients/client-cloudtrail/package.json index 9107c1248d19e..a95e0cf5ae374 100644 --- a/clients/client-cloudtrail/package.json +++ b/clients/client-cloudtrail/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudtrail/src/CloudTrailClient.ts b/clients/client-cloudtrail/src/CloudTrailClient.ts index 58530a3715a98..d8cfdd106fcba 100644 --- a/clients/client-cloudtrail/src/CloudTrailClient.ts +++ b/clients/client-cloudtrail/src/CloudTrailClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudTrailHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsCommandInput, AddTagsCommandOutput } from "./commands/AddTagsCommand"; import { CancelQueryCommandInput, CancelQueryCommandOutput } from "./commands/CancelQueryCommand"; import { CreateChannelCommandInput, CreateChannelCommandOutput } from "./commands/CreateChannelCommand"; @@ -342,21 +347,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -395,8 +401,8 @@ export type CloudTrailClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -415,8 +421,8 @@ export type CloudTrailClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -462,8 +468,8 @@ export class CloudTrailClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -472,8 +478,14 @@ export class CloudTrailClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -484,4 +496,13 @@ export class CloudTrailClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudTrailHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudTrailClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudtrail/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudtrail/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..68a3f06ddfa38 --- /dev/null +++ b/clients/client-cloudtrail/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudTrailHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudTrailHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudTrailHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudTrailHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudTrailHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudTrailHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudtrail/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudtrail/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b2ec4b00daa34 --- /dev/null +++ b/clients/client-cloudtrail/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudTrailClientConfig, CloudTrailClientResolvedConfig } from "../CloudTrailClient"; + +/** + * @internal + */ +export interface CloudTrailHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudTrailHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudTrailClientResolvedConfig, + HandlerExecutionContext, + CloudTrailHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudTrailHttpAuthSchemeParametersProvider = async ( + config: CloudTrailClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudTrailHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cloudtrail", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudTrailClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudTrailHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudTrailHttpAuthSchemeProvider: CloudTrailHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudTrailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudTrailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudtrail/src/extensionConfiguration.ts b/clients/client-cloudtrail/src/extensionConfiguration.ts index 991700ed30fa5..1585356b297e0 100644 --- a/clients/client-cloudtrail/src/extensionConfiguration.ts +++ b/clients/client-cloudtrail/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudTrailExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudtrail/src/runtimeConfig.shared.ts b/clients/client-cloudtrail/src/runtimeConfig.shared.ts index 7e6c1066d3b3a..9e7dbd9dae578 100644 --- a/clients/client-cloudtrail/src/runtimeConfig.shared.ts +++ b/clients/client-cloudtrail/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudTrailHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudTrailClientConfig } from "./CloudTrailClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudTrailClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudTrailHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudTrail", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudtrail/src/runtimeExtensions.ts b/clients/client-cloudtrail/src/runtimeExtensions.ts index ac860059e9bdf..f19e435db774c 100644 --- a/clients/client-cloudtrail/src/runtimeExtensions.ts +++ b/clients/client-cloudtrail/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudTrailExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudwatch-events/package.json b/clients/client-cloudwatch-events/package.json index 691899838bcec..f47cd665d7a59 100644 --- a/clients/client-cloudwatch-events/package.json +++ b/clients/client-cloudwatch-events/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cloudwatch-events/src/CloudWatchEventsClient.ts b/clients/client-cloudwatch-events/src/CloudWatchEventsClient.ts index f3895f00cacff..5b44681a897e8 100644 --- a/clients/client-cloudwatch-events/src/CloudWatchEventsClient.ts +++ b/clients/client-cloudwatch-events/src/CloudWatchEventsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudWatchEventsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivateEventSourceCommandInput, ActivateEventSourceCommandOutput, @@ -357,21 +362,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -410,8 +416,8 @@ export type CloudWatchEventsClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -430,8 +436,8 @@ export type CloudWatchEventsClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -482,8 +488,8 @@ export class CloudWatchEventsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -492,8 +498,14 @@ export class CloudWatchEventsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -504,4 +516,13 @@ export class CloudWatchEventsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudWatchEventsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudWatchEventsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudwatch-events/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudwatch-events/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b8189336a8978 --- /dev/null +++ b/clients/client-cloudwatch-events/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudWatchEventsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchEventsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudWatchEventsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudWatchEventsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchEventsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudWatchEventsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudwatch-events/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudwatch-events/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0f8b0465c09f3 --- /dev/null +++ b/clients/client-cloudwatch-events/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudWatchEventsClientConfig, CloudWatchEventsClientResolvedConfig } from "../CloudWatchEventsClient"; + +/** + * @internal + */ +export interface CloudWatchEventsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudWatchEventsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudWatchEventsClientResolvedConfig, + HandlerExecutionContext, + CloudWatchEventsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudWatchEventsHttpAuthSchemeParametersProvider = async ( + config: CloudWatchEventsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudWatchEventsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "events", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudWatchEventsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudWatchEventsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudWatchEventsHttpAuthSchemeProvider: CloudWatchEventsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudWatchEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudWatchEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudwatch-events/src/extensionConfiguration.ts b/clients/client-cloudwatch-events/src/extensionConfiguration.ts index aeb655d32518e..b6356589ec069 100644 --- a/clients/client-cloudwatch-events/src/extensionConfiguration.ts +++ b/clients/client-cloudwatch-events/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudWatchEventsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudwatch-events/src/runtimeConfig.shared.ts b/clients/client-cloudwatch-events/src/runtimeConfig.shared.ts index c98182e8ecc1a..ec06e795338e9 100644 --- a/clients/client-cloudwatch-events/src/runtimeConfig.shared.ts +++ b/clients/client-cloudwatch-events/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudWatchEventsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudWatchEventsClientConfig } from "./CloudWatchEventsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudWatchEventsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudWatchEventsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudWatch Events", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudwatch-events/src/runtimeExtensions.ts b/clients/client-cloudwatch-events/src/runtimeExtensions.ts index 9b133e953d4bb..674bc887cd89e 100644 --- a/clients/client-cloudwatch-events/src/runtimeExtensions.ts +++ b/clients/client-cloudwatch-events/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudWatchEventsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudwatch-logs/package.json b/clients/client-cloudwatch-logs/package.json index 537725c285038..f644530013371 100644 --- a/clients/client-cloudwatch-logs/package.json +++ b/clients/client-cloudwatch-logs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -56,8 +55,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-cloudwatch-logs/src/CloudWatchLogsClient.ts b/clients/client-cloudwatch-logs/src/CloudWatchLogsClient.ts index 5d8ad5b160a81..15faa34ffd9c4 100644 --- a/clients/client-cloudwatch-logs/src/CloudWatchLogsClient.ts +++ b/clients/client-cloudwatch-logs/src/CloudWatchLogsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudWatchLogsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateKmsKeyCommandInput, AssociateKmsKeyCommandOutput } from "./commands/AssociateKmsKeyCommand"; import { CancelExportTaskCommandInput, CancelExportTaskCommandOutput } from "./commands/CancelExportTaskCommand"; import { CreateDeliveryCommandInput, CreateDeliveryCommandOutput } from "./commands/CreateDeliveryCommand"; @@ -480,21 +485,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -538,9 +544,9 @@ export type CloudWatchLogsClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -559,9 +565,9 @@ export type CloudWatchLogsClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -626,9 +632,9 @@ export class CloudWatchLogsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -637,8 +643,14 @@ export class CloudWatchLogsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -649,4 +661,13 @@ export class CloudWatchLogsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudWatchLogsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudWatchLogsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudwatch-logs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudwatch-logs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..87eb101c15757 --- /dev/null +++ b/clients/client-cloudwatch-logs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudWatchLogsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchLogsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudWatchLogsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudWatchLogsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchLogsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudWatchLogsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudwatch-logs/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudwatch-logs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7e17d7ea621cd --- /dev/null +++ b/clients/client-cloudwatch-logs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudWatchLogsClientConfig, CloudWatchLogsClientResolvedConfig } from "../CloudWatchLogsClient"; + +/** + * @internal + */ +export interface CloudWatchLogsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudWatchLogsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudWatchLogsClientResolvedConfig, + HandlerExecutionContext, + CloudWatchLogsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudWatchLogsHttpAuthSchemeParametersProvider = async ( + config: CloudWatchLogsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudWatchLogsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "logs", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudWatchLogsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudWatchLogsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudWatchLogsHttpAuthSchemeProvider: CloudWatchLogsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudWatchLogsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudWatchLogsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudwatch-logs/src/extensionConfiguration.ts b/clients/client-cloudwatch-logs/src/extensionConfiguration.ts index ece555569d46a..b554f394a8c1d 100644 --- a/clients/client-cloudwatch-logs/src/extensionConfiguration.ts +++ b/clients/client-cloudwatch-logs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudWatchLogsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudwatch-logs/src/runtimeConfig.shared.ts b/clients/client-cloudwatch-logs/src/runtimeConfig.shared.ts index 550981951ad89..23b36ed16fbf7 100644 --- a/clients/client-cloudwatch-logs/src/runtimeConfig.shared.ts +++ b/clients/client-cloudwatch-logs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudWatchLogsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudWatchLogsClientConfig } from "./CloudWatchLogsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudWatchLogsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudWatchLogsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudWatch Logs", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudwatch-logs/src/runtimeExtensions.ts b/clients/client-cloudwatch-logs/src/runtimeExtensions.ts index f943b4aa66443..167d8df1bd00a 100644 --- a/clients/client-cloudwatch-logs/src/runtimeExtensions.ts +++ b/clients/client-cloudwatch-logs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudWatchLogsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cloudwatch/package.json b/clients/client-cloudwatch/package.json index 3fe20bca963db..38b114ba1f628 100644 --- a/clients/client-cloudwatch/package.json +++ b/clients/client-cloudwatch/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-cloudwatch/src/CloudWatchClient.ts b/clients/client-cloudwatch/src/CloudWatchClient.ts index 8c90571f4f1bd..7eb51f37fec34 100644 --- a/clients/client-cloudwatch/src/CloudWatchClient.ts +++ b/clients/client-cloudwatch/src/CloudWatchClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { CompressionInputConfig, CompressionResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -53,6 +52,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCloudWatchHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteAlarmsCommandInput, DeleteAlarmsCommandOutput } from "./commands/DeleteAlarmsCommand"; import { DeleteAnomalyDetectorCommandInput, @@ -314,21 +319,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -367,8 +373,8 @@ export type CloudWatchClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & CompressionInputConfig & ClientInputEndpointParameters; /** @@ -388,8 +394,8 @@ export type CloudWatchClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & CompressionResolvedConfig & ClientResolvedEndpointParameters; /** @@ -433,8 +439,8 @@ export class CloudWatchClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveCompressionConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); @@ -444,8 +450,14 @@ export class CloudWatchClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -456,4 +468,13 @@ export class CloudWatchClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCloudWatchHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CloudWatchClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cloudwatch/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cloudwatch/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0198879403339 --- /dev/null +++ b/clients/client-cloudwatch/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CloudWatchHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CloudWatchHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CloudWatchHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CloudWatchHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CloudWatchHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cloudwatch/src/auth/httpAuthSchemeProvider.ts b/clients/client-cloudwatch/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8dbafa2d53317 --- /dev/null +++ b/clients/client-cloudwatch/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CloudWatchClientConfig, CloudWatchClientResolvedConfig } from "../CloudWatchClient"; + +/** + * @internal + */ +export interface CloudWatchHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CloudWatchHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CloudWatchClientResolvedConfig, + HandlerExecutionContext, + CloudWatchHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCloudWatchHttpAuthSchemeParametersProvider = async ( + config: CloudWatchClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CloudWatchHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "monitoring", + region: authParameters.region, + }, + propertiesExtractor: (config: CloudWatchClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CloudWatchHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCloudWatchHttpAuthSchemeProvider: CloudWatchHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CloudWatchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CloudWatchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cloudwatch/src/extensionConfiguration.ts b/clients/client-cloudwatch/src/extensionConfiguration.ts index ba7556baa6c64..28e29d46f017c 100644 --- a/clients/client-cloudwatch/src/extensionConfiguration.ts +++ b/clients/client-cloudwatch/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CloudWatchExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cloudwatch/src/runtimeConfig.shared.ts b/clients/client-cloudwatch/src/runtimeConfig.shared.ts index e342c282f0247..a0d5c563fcf85 100644 --- a/clients/client-cloudwatch/src/runtimeConfig.shared.ts +++ b/clients/client-cloudwatch/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCloudWatchHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CloudWatchClientConfig } from "./CloudWatchClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CloudWatchClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCloudWatchHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CloudWatch", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cloudwatch/src/runtimeExtensions.ts b/clients/client-cloudwatch/src/runtimeExtensions.ts index df776302896b7..244e65c68a5ac 100644 --- a/clients/client-cloudwatch/src/runtimeExtensions.ts +++ b/clients/client-cloudwatch/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CloudWatchExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codeartifact/package.json b/clients/client-codeartifact/package.json index 902c26af3114d..0a7c9e433f8dd 100644 --- a/clients/client-codeartifact/package.json +++ b/clients/client-codeartifact/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-codeartifact/src/CodeartifactClient.ts b/clients/client-codeartifact/src/CodeartifactClient.ts index b0670138b5b56..f9ecc184443c5 100644 --- a/clients/client-codeartifact/src/CodeartifactClient.ts +++ b/clients/client-codeartifact/src/CodeartifactClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeartifactHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateExternalConnectionCommandInput, AssociateExternalConnectionCommandOutput, @@ -343,21 +348,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -402,8 +408,8 @@ export type CodeartifactClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -422,8 +428,8 @@ export type CodeartifactClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -727,8 +733,8 @@ export class CodeartifactClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -737,8 +743,14 @@ export class CodeartifactClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -749,4 +761,13 @@ export class CodeartifactClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeartifactHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeartifactClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codeartifact/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codeartifact/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0cec256608378 --- /dev/null +++ b/clients/client-codeartifact/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeartifactHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeartifactHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeartifactHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeartifactHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeartifactHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeartifactHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codeartifact/src/auth/httpAuthSchemeProvider.ts b/clients/client-codeartifact/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4c7fa8e14e68f --- /dev/null +++ b/clients/client-codeartifact/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeartifactClientConfig, CodeartifactClientResolvedConfig } from "../CodeartifactClient"; + +/** + * @internal + */ +export interface CodeartifactHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeartifactHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeartifactClientResolvedConfig, + HandlerExecutionContext, + CodeartifactHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeartifactHttpAuthSchemeParametersProvider = async ( + config: CodeartifactClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeartifactHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codeartifact", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeartifactClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeartifactHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeartifactHttpAuthSchemeProvider: CodeartifactHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeartifactHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeartifactHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codeartifact/src/extensionConfiguration.ts b/clients/client-codeartifact/src/extensionConfiguration.ts index 52df109f7a317..15a03801600cf 100644 --- a/clients/client-codeartifact/src/extensionConfiguration.ts +++ b/clients/client-codeartifact/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeartifactExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codeartifact/src/runtimeConfig.shared.ts b/clients/client-codeartifact/src/runtimeConfig.shared.ts index 4285108eb0e77..1929be451bbe7 100644 --- a/clients/client-codeartifact/src/runtimeConfig.shared.ts +++ b/clients/client-codeartifact/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeartifactHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeartifactClientConfig } from "./CodeartifactClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: CodeartifactClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeartifactHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "codeartifact", diff --git a/clients/client-codeartifact/src/runtimeExtensions.ts b/clients/client-codeartifact/src/runtimeExtensions.ts index 3d7f901df5a62..175d75506cf84 100644 --- a/clients/client-codeartifact/src/runtimeExtensions.ts +++ b/clients/client-codeartifact/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeartifactExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codebuild/package.json b/clients/client-codebuild/package.json index 08fd471faff8c..61124c131ecd9 100644 --- a/clients/client-codebuild/package.json +++ b/clients/client-codebuild/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-codebuild/src/CodeBuildClient.ts b/clients/client-codebuild/src/CodeBuildClient.ts index 301ee7723c0be..beb35c5f08869 100644 --- a/clients/client-codebuild/src/CodeBuildClient.ts +++ b/clients/client-codebuild/src/CodeBuildClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeBuildHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDeleteBuildsCommandInput, BatchDeleteBuildsCommandOutput } from "./commands/BatchDeleteBuildsCommand"; import { BatchGetBuildBatchesCommandInput, @@ -351,21 +356,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -404,8 +410,8 @@ export type CodeBuildClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -424,8 +430,8 @@ export type CodeBuildClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -466,8 +472,8 @@ export class CodeBuildClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -476,8 +482,14 @@ export class CodeBuildClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -488,4 +500,13 @@ export class CodeBuildClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeBuildHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeBuildClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codebuild/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codebuild/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2a8d59f3454be --- /dev/null +++ b/clients/client-codebuild/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeBuildHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeBuildHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeBuildHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeBuildHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeBuildHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeBuildHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codebuild/src/auth/httpAuthSchemeProvider.ts b/clients/client-codebuild/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..24a995ef0b7e6 --- /dev/null +++ b/clients/client-codebuild/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeBuildClientConfig, CodeBuildClientResolvedConfig } from "../CodeBuildClient"; + +/** + * @internal + */ +export interface CodeBuildHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeBuildHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeBuildClientResolvedConfig, + HandlerExecutionContext, + CodeBuildHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeBuildHttpAuthSchemeParametersProvider = async ( + config: CodeBuildClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeBuildHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codebuild", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeBuildClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeBuildHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeBuildHttpAuthSchemeProvider: CodeBuildHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeBuildHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeBuildHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codebuild/src/extensionConfiguration.ts b/clients/client-codebuild/src/extensionConfiguration.ts index a93860500edb5..a07d3290b0e20 100644 --- a/clients/client-codebuild/src/extensionConfiguration.ts +++ b/clients/client-codebuild/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeBuildExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codebuild/src/runtimeConfig.shared.ts b/clients/client-codebuild/src/runtimeConfig.shared.ts index fad343d7bd354..4530cd752ddcb 100644 --- a/clients/client-codebuild/src/runtimeConfig.shared.ts +++ b/clients/client-codebuild/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeBuildHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeBuildClientConfig } from "./CodeBuildClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeBuildClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeBuildHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeBuild", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codebuild/src/runtimeExtensions.ts b/clients/client-codebuild/src/runtimeExtensions.ts index 9db1bd0d6eb3c..4407880b34384 100644 --- a/clients/client-codebuild/src/runtimeExtensions.ts +++ b/clients/client-codebuild/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeBuildExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codecatalyst/package.json b/clients/client-codecatalyst/package.json index b87572267932b..dd3c5e6e7d116 100644 --- a/clients/client-codecatalyst/package.json +++ b/clients/client-codecatalyst/package.json @@ -32,7 +32,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -51,7 +51,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-codecommit/package.json b/clients/client-codecommit/package.json index f1f7851260b55..b06602a3ee83d 100644 --- a/clients/client-codecommit/package.json +++ b/clients/client-codecommit/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-codecommit/src/CodeCommitClient.ts b/clients/client-codecommit/src/CodeCommitClient.ts index a342283596d57..49e08ca191d9c 100644 --- a/clients/client-codecommit/src/CodeCommitClient.ts +++ b/clients/client-codecommit/src/CodeCommitClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeCommitHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateApprovalRuleTemplateWithRepositoryCommandInput, AssociateApprovalRuleTemplateWithRepositoryCommandOutput, @@ -543,21 +548,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -596,8 +602,8 @@ export type CodeCommitClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -616,8 +622,8 @@ export type CodeCommitClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1033,8 +1039,8 @@ export class CodeCommitClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1043,8 +1049,14 @@ export class CodeCommitClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1055,4 +1067,13 @@ export class CodeCommitClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeCommitHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeCommitClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codecommit/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codecommit/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e552e0abc9611 --- /dev/null +++ b/clients/client-codecommit/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeCommitHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeCommitHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeCommitHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeCommitHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeCommitHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeCommitHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codecommit/src/auth/httpAuthSchemeProvider.ts b/clients/client-codecommit/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2fadc64e81374 --- /dev/null +++ b/clients/client-codecommit/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeCommitClientConfig, CodeCommitClientResolvedConfig } from "../CodeCommitClient"; + +/** + * @internal + */ +export interface CodeCommitHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeCommitHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeCommitClientResolvedConfig, + HandlerExecutionContext, + CodeCommitHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeCommitHttpAuthSchemeParametersProvider = async ( + config: CodeCommitClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeCommitHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codecommit", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeCommitClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeCommitHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeCommitHttpAuthSchemeProvider: CodeCommitHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeCommitHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeCommitHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codecommit/src/extensionConfiguration.ts b/clients/client-codecommit/src/extensionConfiguration.ts index c85194bfc5e61..36d158398a867 100644 --- a/clients/client-codecommit/src/extensionConfiguration.ts +++ b/clients/client-codecommit/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeCommitExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codecommit/src/runtimeConfig.shared.ts b/clients/client-codecommit/src/runtimeConfig.shared.ts index 7337bc3736940..9f9710c04295b 100644 --- a/clients/client-codecommit/src/runtimeConfig.shared.ts +++ b/clients/client-codecommit/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeCommitHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeCommitClientConfig } from "./CodeCommitClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeCommitClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeCommitHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeCommit", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codecommit/src/runtimeExtensions.ts b/clients/client-codecommit/src/runtimeExtensions.ts index 3eb1a2fe121e2..3fb6c8cbd316a 100644 --- a/clients/client-codecommit/src/runtimeExtensions.ts +++ b/clients/client-codecommit/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeCommitExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codedeploy/package.json b/clients/client-codedeploy/package.json index 45266351fdbc3..a81cb12c16fc8 100644 --- a/clients/client-codedeploy/package.json +++ b/clients/client-codedeploy/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-codedeploy/src/CodeDeployClient.ts b/clients/client-codedeploy/src/CodeDeployClient.ts index 001540bfca2b6..b2cfc6299cb07 100644 --- a/clients/client-codedeploy/src/CodeDeployClient.ts +++ b/clients/client-codedeploy/src/CodeDeployClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeDeployHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToOnPremisesInstancesCommandInput, AddTagsToOnPremisesInstancesCommandOutput, @@ -399,21 +404,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -452,8 +458,8 @@ export type CodeDeployClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -472,8 +478,8 @@ export type CodeDeployClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -596,8 +602,8 @@ export class CodeDeployClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -606,8 +612,14 @@ export class CodeDeployClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -618,4 +630,13 @@ export class CodeDeployClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeDeployHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeDeployClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codedeploy/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codedeploy/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..35181aaf877a8 --- /dev/null +++ b/clients/client-codedeploy/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeDeployHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeDeployHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeDeployHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeDeployHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeDeployHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeDeployHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codedeploy/src/auth/httpAuthSchemeProvider.ts b/clients/client-codedeploy/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7bee0198fcb1e --- /dev/null +++ b/clients/client-codedeploy/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeDeployClientConfig, CodeDeployClientResolvedConfig } from "../CodeDeployClient"; + +/** + * @internal + */ +export interface CodeDeployHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeDeployHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeDeployClientResolvedConfig, + HandlerExecutionContext, + CodeDeployHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeDeployHttpAuthSchemeParametersProvider = async ( + config: CodeDeployClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeDeployHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codedeploy", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeDeployClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeDeployHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeDeployHttpAuthSchemeProvider: CodeDeployHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeDeployHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeDeployHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codedeploy/src/extensionConfiguration.ts b/clients/client-codedeploy/src/extensionConfiguration.ts index 1111707bff2d1..73b526b7566c3 100644 --- a/clients/client-codedeploy/src/extensionConfiguration.ts +++ b/clients/client-codedeploy/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeDeployExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codedeploy/src/runtimeConfig.shared.ts b/clients/client-codedeploy/src/runtimeConfig.shared.ts index 4c8934572da7c..75b08ee382135 100644 --- a/clients/client-codedeploy/src/runtimeConfig.shared.ts +++ b/clients/client-codedeploy/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeDeployHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeDeployClientConfig } from "./CodeDeployClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeDeployClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeDeployHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeDeploy", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codedeploy/src/runtimeExtensions.ts b/clients/client-codedeploy/src/runtimeExtensions.ts index c89728b55f26a..8137d34b735fb 100644 --- a/clients/client-codedeploy/src/runtimeExtensions.ts +++ b/clients/client-codedeploy/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeDeployExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codeguru-reviewer/package.json b/clients/client-codeguru-reviewer/package.json index b9945f0607c93..d654e6465461b 100644 --- a/clients/client-codeguru-reviewer/package.json +++ b/clients/client-codeguru-reviewer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-codeguru-reviewer/src/CodeGuruReviewerClient.ts b/clients/client-codeguru-reviewer/src/CodeGuruReviewerClient.ts index 46daa343fe541..0a1ffac6b1ad1 100644 --- a/clients/client-codeguru-reviewer/src/CodeGuruReviewerClient.ts +++ b/clients/client-codeguru-reviewer/src/CodeGuruReviewerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeGuruReviewerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateRepositoryCommandInput, AssociateRepositoryCommandOutput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type CodeGuruReviewerClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type CodeGuruReviewerClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -344,8 +350,8 @@ export class CodeGuruReviewerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -354,8 +360,14 @@ export class CodeGuruReviewerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -366,4 +378,13 @@ export class CodeGuruReviewerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeGuruReviewerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeGuruReviewerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codeguru-reviewer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codeguru-reviewer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d9f46fb38a00a --- /dev/null +++ b/clients/client-codeguru-reviewer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeGuruReviewerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruReviewerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeGuruReviewerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeGuruReviewerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruReviewerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeGuruReviewerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codeguru-reviewer/src/auth/httpAuthSchemeProvider.ts b/clients/client-codeguru-reviewer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..392c351c04125 --- /dev/null +++ b/clients/client-codeguru-reviewer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeGuruReviewerClientConfig, CodeGuruReviewerClientResolvedConfig } from "../CodeGuruReviewerClient"; + +/** + * @internal + */ +export interface CodeGuruReviewerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeGuruReviewerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeGuruReviewerClientResolvedConfig, + HandlerExecutionContext, + CodeGuruReviewerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeGuruReviewerHttpAuthSchemeParametersProvider = async ( + config: CodeGuruReviewerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeGuruReviewerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codeguru-reviewer", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeGuruReviewerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeGuruReviewerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeGuruReviewerHttpAuthSchemeProvider: CodeGuruReviewerHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeGuruReviewerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeGuruReviewerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codeguru-reviewer/src/extensionConfiguration.ts b/clients/client-codeguru-reviewer/src/extensionConfiguration.ts index e1d0a3e045bbc..ac5706aa39659 100644 --- a/clients/client-codeguru-reviewer/src/extensionConfiguration.ts +++ b/clients/client-codeguru-reviewer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeGuruReviewerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codeguru-reviewer/src/runtimeConfig.shared.ts b/clients/client-codeguru-reviewer/src/runtimeConfig.shared.ts index 4c99e1ddc66f9..2d2c8a2fcfa60 100644 --- a/clients/client-codeguru-reviewer/src/runtimeConfig.shared.ts +++ b/clients/client-codeguru-reviewer/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeGuruReviewerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeGuruReviewerClientConfig } from "./CodeGuruReviewerClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeGuruReviewerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeGuruReviewerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeGuru Reviewer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codeguru-reviewer/src/runtimeExtensions.ts b/clients/client-codeguru-reviewer/src/runtimeExtensions.ts index ed2efcdef0207..3f942e12f174b 100644 --- a/clients/client-codeguru-reviewer/src/runtimeExtensions.ts +++ b/clients/client-codeguru-reviewer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeGuruReviewerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codeguru-security/package.json b/clients/client-codeguru-security/package.json index 18cf1a1a1a2f6..8be948d8f77b1 100644 --- a/clients/client-codeguru-security/package.json +++ b/clients/client-codeguru-security/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-codeguru-security/src/CodeGuruSecurityClient.ts b/clients/client-codeguru-security/src/CodeGuruSecurityClient.ts index d8765d5fa9f26..dc6d39d6f887f 100644 --- a/clients/client-codeguru-security/src/CodeGuruSecurityClient.ts +++ b/clients/client-codeguru-security/src/CodeGuruSecurityClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeGuruSecurityHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetFindingsCommandInput, BatchGetFindingsCommandOutput } from "./commands/BatchGetFindingsCommand"; import { CreateScanCommandInput, CreateScanCommandOutput } from "./commands/CreateScanCommand"; import { CreateUploadUrlCommandInput, CreateUploadUrlCommandOutput } from "./commands/CreateUploadUrlCommand"; @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type CodeGuruSecurityClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type CodeGuruSecurityClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -323,8 +329,8 @@ export class CodeGuruSecurityClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -333,8 +339,14 @@ export class CodeGuruSecurityClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -345,4 +357,13 @@ export class CodeGuruSecurityClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeGuruSecurityHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeGuruSecurityClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codeguru-security/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codeguru-security/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..634f1231c1d8b --- /dev/null +++ b/clients/client-codeguru-security/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeGuruSecurityHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruSecurityHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeGuruSecurityHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeGuruSecurityHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruSecurityHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeGuruSecurityHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codeguru-security/src/auth/httpAuthSchemeProvider.ts b/clients/client-codeguru-security/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..777a14c109e84 --- /dev/null +++ b/clients/client-codeguru-security/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeGuruSecurityClientConfig, CodeGuruSecurityClientResolvedConfig } from "../CodeGuruSecurityClient"; + +/** + * @internal + */ +export interface CodeGuruSecurityHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeGuruSecurityHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeGuruSecurityClientResolvedConfig, + HandlerExecutionContext, + CodeGuruSecurityHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeGuruSecurityHttpAuthSchemeParametersProvider = async ( + config: CodeGuruSecurityClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeGuruSecurityHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codeguru-security", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeGuruSecurityClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeGuruSecurityHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeGuruSecurityHttpAuthSchemeProvider: CodeGuruSecurityHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeGuruSecurityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeGuruSecurityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codeguru-security/src/extensionConfiguration.ts b/clients/client-codeguru-security/src/extensionConfiguration.ts index a285a33d25a67..af07e9bc0a494 100644 --- a/clients/client-codeguru-security/src/extensionConfiguration.ts +++ b/clients/client-codeguru-security/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeGuruSecurityExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codeguru-security/src/runtimeConfig.shared.ts b/clients/client-codeguru-security/src/runtimeConfig.shared.ts index b2abd07568c72..c1ce786969a20 100644 --- a/clients/client-codeguru-security/src/runtimeConfig.shared.ts +++ b/clients/client-codeguru-security/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeGuruSecurityHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeGuruSecurityClientConfig } from "./CodeGuruSecurityClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeGuruSecurityClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeGuruSecurityHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeGuru Security", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codeguru-security/src/runtimeExtensions.ts b/clients/client-codeguru-security/src/runtimeExtensions.ts index c50d1c310736a..8d243a84b7d86 100644 --- a/clients/client-codeguru-security/src/runtimeExtensions.ts +++ b/clients/client-codeguru-security/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeGuruSecurityExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codeguruprofiler/package.json b/clients/client-codeguruprofiler/package.json index b9b411bf3fc35..cfd884dc74889 100644 --- a/clients/client-codeguruprofiler/package.json +++ b/clients/client-codeguruprofiler/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-codeguruprofiler/src/CodeGuruProfilerClient.ts b/clients/client-codeguruprofiler/src/CodeGuruProfilerClient.ts index b830412d97107..94c82420b0e7c 100644 --- a/clients/client-codeguruprofiler/src/CodeGuruProfilerClient.ts +++ b/clients/client-codeguruprofiler/src/CodeGuruProfilerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeGuruProfilerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddNotificationChannelsCommandInput, AddNotificationChannelsCommandOutput, @@ -261,21 +266,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -314,8 +320,8 @@ export type CodeGuruProfilerClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -334,8 +340,8 @@ export type CodeGuruProfilerClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -388,8 +394,8 @@ export class CodeGuruProfilerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -398,8 +404,14 @@ export class CodeGuruProfilerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -410,4 +422,13 @@ export class CodeGuruProfilerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeGuruProfilerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeGuruProfilerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codeguruprofiler/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codeguruprofiler/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..93cf71e34cf8c --- /dev/null +++ b/clients/client-codeguruprofiler/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeGuruProfilerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruProfilerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeGuruProfilerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeGuruProfilerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeGuruProfilerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeGuruProfilerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codeguruprofiler/src/auth/httpAuthSchemeProvider.ts b/clients/client-codeguruprofiler/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0df5b28a4deca --- /dev/null +++ b/clients/client-codeguruprofiler/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeGuruProfilerClientConfig, CodeGuruProfilerClientResolvedConfig } from "../CodeGuruProfilerClient"; + +/** + * @internal + */ +export interface CodeGuruProfilerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeGuruProfilerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeGuruProfilerClientResolvedConfig, + HandlerExecutionContext, + CodeGuruProfilerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeGuruProfilerHttpAuthSchemeParametersProvider = async ( + config: CodeGuruProfilerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeGuruProfilerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codeguru-profiler", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeGuruProfilerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeGuruProfilerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeGuruProfilerHttpAuthSchemeProvider: CodeGuruProfilerHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeGuruProfilerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeGuruProfilerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codeguruprofiler/src/extensionConfiguration.ts b/clients/client-codeguruprofiler/src/extensionConfiguration.ts index df5ec13e18639..f42d5762882c9 100644 --- a/clients/client-codeguruprofiler/src/extensionConfiguration.ts +++ b/clients/client-codeguruprofiler/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeGuruProfilerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codeguruprofiler/src/runtimeConfig.shared.ts b/clients/client-codeguruprofiler/src/runtimeConfig.shared.ts index db57a2ce20c02..fddf7cf4230ce 100644 --- a/clients/client-codeguruprofiler/src/runtimeConfig.shared.ts +++ b/clients/client-codeguruprofiler/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeGuruProfilerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeGuruProfilerClientConfig } from "./CodeGuruProfilerClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeGuruProfilerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeGuruProfilerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeGuruProfiler", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codeguruprofiler/src/runtimeExtensions.ts b/clients/client-codeguruprofiler/src/runtimeExtensions.ts index 11e08a90c17e8..27ea99a304c51 100644 --- a/clients/client-codeguruprofiler/src/runtimeExtensions.ts +++ b/clients/client-codeguruprofiler/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeGuruProfilerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codepipeline/package.json b/clients/client-codepipeline/package.json index 3cefce33a1370..88cbfb0799e49 100644 --- a/clients/client-codepipeline/package.json +++ b/clients/client-codepipeline/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-codepipeline/src/CodePipelineClient.ts b/clients/client-codepipeline/src/CodePipelineClient.ts index efa40d75765dc..d2572b9657a00 100644 --- a/clients/client-codepipeline/src/CodePipelineClient.ts +++ b/clients/client-codepipeline/src/CodePipelineClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodePipelineHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcknowledgeJobCommandInput, AcknowledgeJobCommandOutput } from "./commands/AcknowledgeJobCommand"; import { AcknowledgeThirdPartyJobCommandInput, @@ -333,21 +338,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -386,8 +392,8 @@ export type CodePipelineClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -406,8 +412,8 @@ export type CodePipelineClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -631,8 +637,8 @@ export class CodePipelineClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -641,8 +647,14 @@ export class CodePipelineClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -653,4 +665,13 @@ export class CodePipelineClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodePipelineHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodePipelineClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codepipeline/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codepipeline/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..08d337d4129ab --- /dev/null +++ b/clients/client-codepipeline/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodePipelineHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodePipelineHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodePipelineHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodePipelineHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodePipelineHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodePipelineHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codepipeline/src/auth/httpAuthSchemeProvider.ts b/clients/client-codepipeline/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4507afb320c90 --- /dev/null +++ b/clients/client-codepipeline/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodePipelineClientConfig, CodePipelineClientResolvedConfig } from "../CodePipelineClient"; + +/** + * @internal + */ +export interface CodePipelineHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodePipelineHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodePipelineClientResolvedConfig, + HandlerExecutionContext, + CodePipelineHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodePipelineHttpAuthSchemeParametersProvider = async ( + config: CodePipelineClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodePipelineHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codepipeline", + region: authParameters.region, + }, + propertiesExtractor: (config: CodePipelineClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodePipelineHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodePipelineHttpAuthSchemeProvider: CodePipelineHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodePipelineHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodePipelineHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codepipeline/src/extensionConfiguration.ts b/clients/client-codepipeline/src/extensionConfiguration.ts index 0c413a793c05e..e5f3b81656abf 100644 --- a/clients/client-codepipeline/src/extensionConfiguration.ts +++ b/clients/client-codepipeline/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodePipelineExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codepipeline/src/runtimeConfig.shared.ts b/clients/client-codepipeline/src/runtimeConfig.shared.ts index 7bd6df4c1e3cd..d3e85a1ed91aa 100644 --- a/clients/client-codepipeline/src/runtimeConfig.shared.ts +++ b/clients/client-codepipeline/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodePipelineHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodePipelineClientConfig } from "./CodePipelineClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodePipelineClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodePipelineHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodePipeline", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codepipeline/src/runtimeExtensions.ts b/clients/client-codepipeline/src/runtimeExtensions.ts index 77b02cb7966ee..fa27a591a61eb 100644 --- a/clients/client-codepipeline/src/runtimeExtensions.ts +++ b/clients/client-codepipeline/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodePipelineExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codestar-connections/package.json b/clients/client-codestar-connections/package.json index f3389949fe970..e6346eaf45a0e 100644 --- a/clients/client-codestar-connections/package.json +++ b/clients/client-codestar-connections/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-codestar-connections/src/CodeStarConnectionsClient.ts b/clients/client-codestar-connections/src/CodeStarConnectionsClient.ts index 41bfd25485463..ca475e46ae3f9 100644 --- a/clients/client-codestar-connections/src/CodeStarConnectionsClient.ts +++ b/clients/client-codestar-connections/src/CodeStarConnectionsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeStarConnectionsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateConnectionCommandInput, CreateConnectionCommandOutput } from "./commands/CreateConnectionCommand"; import { CreateHostCommandInput, CreateHostCommandOutput } from "./commands/CreateHostCommand"; import { @@ -279,21 +284,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -332,8 +338,8 @@ export type CodeStarConnectionsClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -352,8 +358,8 @@ export type CodeStarConnectionsClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -463,8 +469,8 @@ export class CodeStarConnectionsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -473,8 +479,14 @@ export class CodeStarConnectionsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -485,4 +497,13 @@ export class CodeStarConnectionsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeStarConnectionsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeStarConnectionsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codestar-connections/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codestar-connections/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3145cf3168c59 --- /dev/null +++ b/clients/client-codestar-connections/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeStarConnectionsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeStarConnectionsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeStarConnectionsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeStarConnectionsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeStarConnectionsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeStarConnectionsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codestar-connections/src/auth/httpAuthSchemeProvider.ts b/clients/client-codestar-connections/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..cb7f8c15bfb3d --- /dev/null +++ b/clients/client-codestar-connections/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeStarConnectionsClientConfig, CodeStarConnectionsClientResolvedConfig } from "../CodeStarConnectionsClient"; + +/** + * @internal + */ +export interface CodeStarConnectionsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeStarConnectionsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeStarConnectionsClientResolvedConfig, + HandlerExecutionContext, + CodeStarConnectionsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeStarConnectionsHttpAuthSchemeParametersProvider = async ( + config: CodeStarConnectionsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeStarConnectionsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codestar-connections", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeStarConnectionsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeStarConnectionsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeStarConnectionsHttpAuthSchemeProvider: CodeStarConnectionsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeStarConnectionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeStarConnectionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codestar-connections/src/extensionConfiguration.ts b/clients/client-codestar-connections/src/extensionConfiguration.ts index 79583cf29a1c6..4195ecfda0f77 100644 --- a/clients/client-codestar-connections/src/extensionConfiguration.ts +++ b/clients/client-codestar-connections/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeStarConnectionsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codestar-connections/src/runtimeConfig.shared.ts b/clients/client-codestar-connections/src/runtimeConfig.shared.ts index f15bb0c8c6dc3..753f123ccfcdd 100644 --- a/clients/client-codestar-connections/src/runtimeConfig.shared.ts +++ b/clients/client-codestar-connections/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeStarConnectionsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeStarConnectionsClientConfig } from "./CodeStarConnectionsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeStarConnectionsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeStarConnectionsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeStar connections", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codestar-connections/src/runtimeExtensions.ts b/clients/client-codestar-connections/src/runtimeExtensions.ts index 68ad337843e7e..6dfe10af59b17 100644 --- a/clients/client-codestar-connections/src/runtimeExtensions.ts +++ b/clients/client-codestar-connections/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeStarConnectionsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codestar-notifications/package.json b/clients/client-codestar-notifications/package.json index 2b6d2f13c055b..69d43c7275368 100644 --- a/clients/client-codestar-notifications/package.json +++ b/clients/client-codestar-notifications/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-codestar-notifications/src/CodestarNotificationsClient.ts b/clients/client-codestar-notifications/src/CodestarNotificationsClient.ts index 5642f46784999..765077a6efeea 100644 --- a/clients/client-codestar-notifications/src/CodestarNotificationsClient.ts +++ b/clients/client-codestar-notifications/src/CodestarNotificationsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodestarNotificationsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateNotificationRuleCommandInput, CreateNotificationRuleCommandOutput, @@ -213,21 +218,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -266,8 +272,8 @@ export type CodestarNotificationsClientConfigType = Partial<__SmithyConfiguratio EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -286,8 +292,8 @@ export type CodestarNotificationsClientResolvedConfigType = __SmithyResolvedConf EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -395,8 +401,8 @@ export class CodestarNotificationsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -405,8 +411,14 @@ export class CodestarNotificationsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -417,4 +429,13 @@ export class CodestarNotificationsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodestarNotificationsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodestarNotificationsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codestar-notifications/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codestar-notifications/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7319bebf02678 --- /dev/null +++ b/clients/client-codestar-notifications/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodestarNotificationsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodestarNotificationsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodestarNotificationsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodestarNotificationsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodestarNotificationsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodestarNotificationsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codestar-notifications/src/auth/httpAuthSchemeProvider.ts b/clients/client-codestar-notifications/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..311934c018a2b --- /dev/null +++ b/clients/client-codestar-notifications/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + CodestarNotificationsClientConfig, + CodestarNotificationsClientResolvedConfig, +} from "../CodestarNotificationsClient"; + +/** + * @internal + */ +export interface CodestarNotificationsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodestarNotificationsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodestarNotificationsClientResolvedConfig, + HandlerExecutionContext, + CodestarNotificationsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodestarNotificationsHttpAuthSchemeParametersProvider = async ( + config: CodestarNotificationsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: CodestarNotificationsHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codestar-notifications", + region: authParameters.region, + }, + propertiesExtractor: (config: CodestarNotificationsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodestarNotificationsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodestarNotificationsHttpAuthSchemeProvider: CodestarNotificationsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodestarNotificationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodestarNotificationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codestar-notifications/src/extensionConfiguration.ts b/clients/client-codestar-notifications/src/extensionConfiguration.ts index 3c5ce6bee5aaf..4bcbc623b8515 100644 --- a/clients/client-codestar-notifications/src/extensionConfiguration.ts +++ b/clients/client-codestar-notifications/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodestarNotificationsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codestar-notifications/src/runtimeConfig.shared.ts b/clients/client-codestar-notifications/src/runtimeConfig.shared.ts index b063287ad55c8..8854c822e18e3 100644 --- a/clients/client-codestar-notifications/src/runtimeConfig.shared.ts +++ b/clients/client-codestar-notifications/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodestarNotificationsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodestarNotificationsClientConfig } from "./CodestarNotificationsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodestarNotificationsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodestarNotificationsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "codestar notifications", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codestar-notifications/src/runtimeExtensions.ts b/clients/client-codestar-notifications/src/runtimeExtensions.ts index 5312d98af8bab..40b9966daa1e5 100644 --- a/clients/client-codestar-notifications/src/runtimeExtensions.ts +++ b/clients/client-codestar-notifications/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodestarNotificationsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-codestar/package.json b/clients/client-codestar/package.json index 7a777287fde16..e85b46e18b83d 100644 --- a/clients/client-codestar/package.json +++ b/clients/client-codestar/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-codestar/src/CodeStarClient.ts b/clients/client-codestar/src/CodeStarClient.ts index 7801f1b566700..10b038cf5aa96 100644 --- a/clients/client-codestar/src/CodeStarClient.ts +++ b/clients/client-codestar/src/CodeStarClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCodeStarHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateTeamMemberCommandInput, AssociateTeamMemberCommandOutput, @@ -219,21 +224,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -272,8 +278,8 @@ export type CodeStarClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export type CodeStarClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -413,8 +419,8 @@ export class CodeStarClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -423,8 +429,14 @@ export class CodeStarClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -435,4 +447,13 @@ export class CodeStarClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCodeStarHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CodeStarClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-codestar/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-codestar/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..38dc03ba1c046 --- /dev/null +++ b/clients/client-codestar/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CodeStarHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeStarHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CodeStarHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CodeStarHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CodeStarHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CodeStarHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-codestar/src/auth/httpAuthSchemeProvider.ts b/clients/client-codestar/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a7405f5dc23a7 --- /dev/null +++ b/clients/client-codestar/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CodeStarClientConfig, CodeStarClientResolvedConfig } from "../CodeStarClient"; + +/** + * @internal + */ +export interface CodeStarHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CodeStarHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CodeStarClientResolvedConfig, + HandlerExecutionContext, + CodeStarHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCodeStarHttpAuthSchemeParametersProvider = async ( + config: CodeStarClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CodeStarHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "codestar", + region: authParameters.region, + }, + propertiesExtractor: (config: CodeStarClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CodeStarHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCodeStarHttpAuthSchemeProvider: CodeStarHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CodeStarHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CodeStarHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-codestar/src/extensionConfiguration.ts b/clients/client-codestar/src/extensionConfiguration.ts index 33d68d837c565..6f711237275d2 100644 --- a/clients/client-codestar/src/extensionConfiguration.ts +++ b/clients/client-codestar/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CodeStarExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-codestar/src/runtimeConfig.shared.ts b/clients/client-codestar/src/runtimeConfig.shared.ts index 402e56e332e5c..3e0804578095e 100644 --- a/clients/client-codestar/src/runtimeConfig.shared.ts +++ b/clients/client-codestar/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCodeStarHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CodeStarClientConfig } from "./CodeStarClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CodeStarClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCodeStarHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "CodeStar", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-codestar/src/runtimeExtensions.ts b/clients/client-codestar/src/runtimeExtensions.ts index 02cf133512414..b84caf16e6c63 100644 --- a/clients/client-codestar/src/runtimeExtensions.ts +++ b/clients/client-codestar/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CodeStarExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cognito-identity-provider/package.json b/clients/client-cognito-identity-provider/package.json index 1d32cedfb451a..ced714b23a2b0 100644 --- a/clients/client-cognito-identity-provider/package.json +++ b/clients/client-cognito-identity-provider/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts b/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts index 463bd629158a2..2f00c2454ab81 100644 --- a/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts +++ b/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts @@ -7,15 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { AwsAuthInputConfig, AwsAuthResolvedConfig, resolveAwsAuthConfig } from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -27,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -43,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCognitoIdentityProviderHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddCustomAttributesCommandInput, AddCustomAttributesCommandOutput, @@ -634,21 +644,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -687,8 +698,8 @@ export type CognitoIdentityProviderClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -707,8 +718,8 @@ export type CognitoIdentityProviderClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -821,8 +832,8 @@ export class CognitoIdentityProviderClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -832,6 +843,13 @@ export class CognitoIdentityProviderClient extends __Client< this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -842,4 +860,13 @@ export class CognitoIdentityProviderClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCognitoIdentityProviderHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CognitoIdentityProviderClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cognito-identity-provider/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cognito-identity-provider/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c44ea9bb58b4d --- /dev/null +++ b/clients/client-cognito-identity-provider/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CognitoIdentityProviderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CognitoIdentityProviderHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CognitoIdentityProviderHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cognito-identity-provider/src/auth/httpAuthSchemeProvider.ts b/clients/client-cognito-identity-provider/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5c0b6360828df --- /dev/null +++ b/clients/client-cognito-identity-provider/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,257 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + CognitoIdentityProviderClientConfig, + CognitoIdentityProviderClientResolvedConfig, +} from "../CognitoIdentityProviderClient"; + +/** + * @internal + */ +export interface CognitoIdentityProviderHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CognitoIdentityProviderHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CognitoIdentityProviderClientResolvedConfig, + HandlerExecutionContext, + CognitoIdentityProviderHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCognitoIdentityProviderHttpAuthSchemeParametersProvider = async ( + config: CognitoIdentityProviderClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: CognitoIdentityProviderHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cognito-idp", + region: authParameters.region, + }, + propertiesExtractor: (config: CognitoIdentityProviderClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +function createSmithyApiNoAuthHttpAuthOption( + authParameters: CognitoIdentityProviderHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "smithy.api#noAuth", + }; +} + +/** + * @internal + */ +export interface CognitoIdentityProviderHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCognitoIdentityProviderHttpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + case "AssociateSoftwareToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ChangePassword": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ConfirmDevice": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ConfirmForgotPassword": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ConfirmSignUp": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "DeleteUser": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "DeleteUserAttributes": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ForgetDevice": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ForgotPassword": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GetDevice": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GetUser": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GetUserAttributeVerificationCode": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GlobalSignOut": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "InitiateAuth": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ListDevices": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ResendConfirmationCode": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "RespondToAuthChallenge": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "RevokeToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "SetUserMFAPreference": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "SetUserSettings": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "SignUp": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "UpdateAuthEventFeedback": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "UpdateDeviceStatus": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "UpdateUserAttributes": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "VerifySoftwareToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "VerifyUserAttribute": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CognitoIdentityProviderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CognitoIdentityProviderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cognito-identity-provider/src/commands/AddCustomAttributesCommand.ts b/clients/client-cognito-identity-provider/src/commands/AddCustomAttributesCommand.ts index 1b09908655ded..e85addeeb49c2 100644 --- a/clients/client-cognito-identity-provider/src/commands/AddCustomAttributesCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AddCustomAttributesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -133,7 +132,6 @@ export class AddCustomAttributesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AddCustomAttributes", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminAddUserToGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminAddUserToGroupCommand.ts index 1483d20cad1b4..5db903c087917 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminAddUserToGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminAddUserToGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -119,7 +118,6 @@ export class AdminAddUserToGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminAddUserToGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts index f6c7e2b3d4ee4..f22954ea6e90f 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -150,7 +149,6 @@ export class AdminConfirmSignUpCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminConfirmSignUp", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts index 41a3668902ef5..ce54410f957b0 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -286,7 +285,6 @@ export class AdminCreateUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminCreateUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserAttributesCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserAttributesCommand.ts index 11169a7bc48cd..a4fc818edd530 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserAttributesCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserAttributesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -124,7 +123,6 @@ export class AdminDeleteUserAttributesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminDeleteUserAttributes", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserCommand.ts index aeb5ed855dd18..b85432ac79680 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminDeleteUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -116,7 +115,6 @@ export class AdminDeleteUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminDeleteUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts index f733d7380ecd8..452a3601a3ddb 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -154,7 +153,6 @@ export class AdminDisableProviderForUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminDisableProviderForUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminDisableUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminDisableUserCommand.ts index ffa8e4e67e5f2..dbb215d5ed667 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminDisableUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminDisableUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -122,7 +121,6 @@ export class AdminDisableUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminDisableUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminEnableUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminEnableUserCommand.ts index cecbaaebc8367..f8ccc155ddeff 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminEnableUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminEnableUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -120,7 +119,6 @@ export class AdminEnableUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminEnableUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminForgetDeviceCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminForgetDeviceCommand.ts index db3709c5f3977..8f5b55b3008ee 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminForgetDeviceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminForgetDeviceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -120,7 +119,6 @@ export class AdminForgetDeviceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminForgetDevice", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminGetDeviceCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminGetDeviceCommand.ts index a98941861a3cc..c5f95eb5461bc 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminGetDeviceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminGetDeviceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -135,7 +134,6 @@ export class AdminGetDeviceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminGetDevice", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminGetUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminGetUserCommand.ts index b2ea5662078ab..b2ee78a64d6f8 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminGetUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminGetUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -144,7 +143,6 @@ export class AdminGetUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminGetUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts index 590c9aaae27d7..eb4f6cb769d15 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -211,7 +210,6 @@ export class AdminInitiateAuthCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminInitiateAuth", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts index 9ae041944d7f4..57f77afddd58e 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -152,7 +151,6 @@ export class AdminLinkProviderForUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminLinkProviderForUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminListDevicesCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminListDevicesCommand.ts index 3a5daa88d6c49..fcb5215bb5172 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminListDevicesCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminListDevicesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -139,7 +138,6 @@ export class AdminListDevicesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminListDevices", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminListGroupsForUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminListGroupsForUserCommand.ts index 27a4e79bf8c16..6f1b5cd6c5b1f 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminListGroupsForUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminListGroupsForUserCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -135,7 +134,6 @@ export class AdminListGroupsForUserCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminListGroupsForUser", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts index ad03529e6fc72..1fcc010b78102 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -159,7 +158,6 @@ export class AdminListUserAuthEventsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminListUserAuthEvents", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminRemoveUserFromGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminRemoveUserFromGroupCommand.ts index 5ec9816bd8c59..a347b64a79fe3 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminRemoveUserFromGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminRemoveUserFromGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -117,7 +116,6 @@ export class AdminRemoveUserFromGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminRemoveUserFromGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts index d8418cabe542e..3aaf2570a3bf7 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -178,7 +177,6 @@ export class AdminResetUserPasswordCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminResetUserPassword", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts index 1963fa69c7b64..e1586c0212e86 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -241,7 +240,6 @@ export class AdminRespondToAuthChallengeCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminRespondToAuthChallenge", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts index 16b75cd18e034..c096c3afb1135 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -134,7 +133,6 @@ export class AdminSetUserMFAPreferenceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminSetUserMFAPreference", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts index 640734aa8795f..d3f5276fbc404 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -145,7 +144,6 @@ export class AdminSetUserPasswordCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminSetUserPassword", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminSetUserSettingsCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminSetUserSettingsCommand.ts index 6650b580db36c..6c3c3a642d5b2 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminSetUserSettingsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminSetUserSettingsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -125,7 +124,6 @@ export class AdminSetUserSettingsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminSetUserSettings", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts index a4dfe5bbfcbfb..bbb9983d58140 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -132,7 +131,6 @@ export class AdminUpdateAuthEventFeedbackCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminUpdateAuthEventFeedback", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUpdateDeviceStatusCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUpdateDeviceStatusCommand.ts index 374d1d2afbda9..400b5843bdfbf 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUpdateDeviceStatusCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUpdateDeviceStatusCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -125,7 +124,6 @@ export class AdminUpdateDeviceStatusCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminUpdateDeviceStatus", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts index e035b1cfc1140..9f841ce5f7ab8 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -184,7 +183,6 @@ export class AdminUpdateUserAttributesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminUpdateUserAttributes", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts index 91cf2537115e6..f664fc977811a 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -143,7 +142,6 @@ export class AdminUserGlobalSignOutCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "AdminUserGlobalSignOut", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateGroupCommand.ts index b63add05897c2..7afae5cd9af33 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -134,7 +133,6 @@ export class CreateGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateIdentityProviderCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateIdentityProviderCommand.ts index 2e0a8ae5f538d..77c5f1ffca191 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateIdentityProviderCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateIdentityProviderCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -148,7 +147,6 @@ export class CreateIdentityProviderCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateIdentityProvider", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts index fef3a956a5e34..2676ee7941ba8 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -136,7 +135,6 @@ export class CreateResourceServerCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateResourceServer", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserImportJobCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserImportJobCommand.ts index e4192c251e6aa..5c0f65c89f9da 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserImportJobCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserImportJobCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -137,7 +136,6 @@ export class CreateUserImportJobCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateUserImportJob", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts index ab0ba6839cad4..22c73d669359f 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -360,7 +359,6 @@ export class CreateUserPoolClientCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateUserPoolClient", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts index 76f71b2560ef3..d5ef5b9bc1847 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -864,7 +863,6 @@ export class CreateUserPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateUserPool", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolDomainCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolDomainCommand.ts index ca0cd35ed21d5..e7c810580e6b1 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolDomainCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolDomainCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -118,7 +117,6 @@ export class CreateUserPoolDomainCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "CreateUserPoolDomain", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteGroupCommand.ts index 1e3a40a962784..df7dd152077de 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -94,7 +93,6 @@ export class DeleteGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteIdentityProviderCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteIdentityProviderCommand.ts index 4e274b0673745..78bcd23429411 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteIdentityProviderCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteIdentityProviderCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -100,7 +99,6 @@ export class DeleteIdentityProviderCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteIdentityProvider", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteResourceServerCommand.ts index 66bc9709c7d29..a672b69205314 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteResourceServerCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -93,7 +92,6 @@ export class DeleteResourceServerCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteResourceServer", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolClientCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolClientCommand.ts index 96a176dabeab6..4c055e33963c9 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolClientCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolClientCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -97,7 +96,6 @@ export class DeleteUserPoolClientCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteUserPoolClient", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolCommand.ts index 1689156eee788..cd03210154b01 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -96,7 +95,6 @@ export class DeleteUserPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteUserPool", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolDomainCommand.ts b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolDomainCommand.ts index 11ee9991f9cdf..d04f51bcd252f 100644 --- a/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolDomainCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DeleteUserPoolDomainCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -89,7 +88,6 @@ export class DeleteUserPoolDomainCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DeleteUserPoolDomain", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeIdentityProviderCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeIdentityProviderCommand.ts index 05ddd94c9e6fd..4b2165eb066cc 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeIdentityProviderCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeIdentityProviderCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -110,7 +109,6 @@ export class DescribeIdentityProviderCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeIdentityProvider", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeResourceServerCommand.ts index cc385575ea029..bc23105e798bd 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeResourceServerCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -105,7 +104,6 @@ export class DescribeResourceServerCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeResourceServer", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeRiskConfigurationCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeRiskConfigurationCommand.ts index 5f9ddade5d5eb..b662dabe983ff 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeRiskConfigurationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeRiskConfigurationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -159,7 +158,6 @@ export class DescribeRiskConfigurationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeRiskConfiguration", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeUserImportJobCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeUserImportJobCommand.ts index f50984594c290..a918b08792608 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeUserImportJobCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeUserImportJobCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -109,7 +108,6 @@ export class DescribeUserImportJobCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeUserImportJob", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolClientCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolClientCommand.ts index 50a5ccc75ed29..ccbf955904496 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolClientCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolClientCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -173,7 +172,6 @@ export class DescribeUserPoolClientCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeUserPoolClient", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolCommand.ts index 20aa302b76401..93b029831c3d4 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -251,7 +250,6 @@ export class DescribeUserPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeUserPool", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolDomainCommand.ts b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolDomainCommand.ts index 860b77c149488..02f37966bdcd5 100644 --- a/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolDomainCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/DescribeUserPoolDomainCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -101,7 +100,6 @@ export class DescribeUserPoolDomainCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "DescribeUserPoolDomain", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetCSVHeaderCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetCSVHeaderCommand.ts index f47efd2bfffc6..2a54cc23aa7d5 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetCSVHeaderCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetCSVHeaderCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -98,7 +97,6 @@ export class GetCSVHeaderCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetCSVHeader", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetGroupCommand.ts index e6f5a7b9e29e7..8b701a4739e0b 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -104,7 +103,6 @@ export class GetGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetIdentityProviderByIdentifierCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetIdentityProviderByIdentifierCommand.ts index cff5e28a33f6a..8510d4a5060aa 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetIdentityProviderByIdentifierCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetIdentityProviderByIdentifierCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -115,7 +114,6 @@ export class GetIdentityProviderByIdentifierCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetIdentityProviderByIdentifier", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetLogDeliveryConfigurationCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetLogDeliveryConfigurationCommand.ts index a26d36ab3ef3c..09335a04f5c77 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetLogDeliveryConfigurationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetLogDeliveryConfigurationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -107,7 +106,6 @@ export class GetLogDeliveryConfigurationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetLogDeliveryConfiguration", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetSigningCertificateCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetSigningCertificateCommand.ts index 1c760ca1d18bc..38cf674d80a5b 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetSigningCertificateCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetSigningCertificateCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -91,7 +90,6 @@ export class GetSigningCertificateCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetSigningCertificate", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts index 6c41cd6562715..988395e749d67 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -112,7 +111,6 @@ export class GetUICustomizationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetUICustomization", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/GetUserPoolMfaConfigCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetUserPoolMfaConfigCommand.ts index 3a8069212d157..ae49f045f8a01 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetUserPoolMfaConfigCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetUserPoolMfaConfigCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -105,7 +104,6 @@ export class GetUserPoolMfaConfigCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "GetUserPoolMfaConfig", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListGroupsCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListGroupsCommand.ts index 27efcb2e23d6c..81eeae6c34012 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListGroupsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListGroupsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -127,7 +126,6 @@ export class ListGroupsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListGroups", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListIdentityProvidersCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListIdentityProvidersCommand.ts index 3d202926d90f2..b56c61de774de 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListIdentityProvidersCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListIdentityProvidersCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -124,7 +123,6 @@ export class ListIdentityProvidersCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListIdentityProviders", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListResourceServersCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListResourceServersCommand.ts index f5a5671760116..7aa73d70c7620 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListResourceServersCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListResourceServersCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -129,7 +128,6 @@ export class ListResourceServersCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListResourceServers", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListTagsForResourceCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListTagsForResourceCommand.ts index 7a8cf901a5a53..f562b1e139557 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListTagsForResourceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListTagsForResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -99,7 +98,6 @@ export class ListTagsForResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListTagsForResource", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListUserImportJobsCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUserImportJobsCommand.ts index e146802945f3f..38e7de8401cdc 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUserImportJobsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUserImportJobsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -133,7 +132,6 @@ export class ListUserImportJobsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListUserImportJobs", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListUserPoolClientsCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUserPoolClientsCommand.ts index b0575f8b5410a..6915666c1838e 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUserPoolClientsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUserPoolClientsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -127,7 +126,6 @@ export class ListUserPoolClientsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListUserPoolClients", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts index 8525304325a94..e1078c3fb9731 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -145,7 +144,6 @@ export class ListUserPoolsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListUserPools", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListUsersCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUsersCommand.ts index de0a57b92cc99..c1a22c3d44914 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUsersCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUsersCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -217,7 +216,6 @@ export class ListUsersCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListUsers", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/ListUsersInGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUsersInGroupCommand.ts index a35ef853b309a..fe32f0bfc0213 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUsersInGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUsersInGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -142,7 +141,6 @@ export class ListUsersInGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "ListUsersInGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/SetLogDeliveryConfigurationCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetLogDeliveryConfigurationCommand.ts index 5f99b41990f1c..d53f00ab1deec 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetLogDeliveryConfigurationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetLogDeliveryConfigurationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -117,7 +116,6 @@ export class SetLogDeliveryConfigurationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "SetLogDeliveryConfiguration", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts index d9c0878f94bfd..4f8370fc1a03f 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -223,7 +222,6 @@ export class SetRiskConfigurationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "SetRiskConfiguration", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/SetUICustomizationCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetUICustomizationCommand.ts index 383161f1b5c9d..08ba3fee8315a 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetUICustomizationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetUICustomizationCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -122,7 +121,6 @@ export class SetUICustomizationCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "SetUICustomization", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts index b5fca28426fc7..0c6764f1af2da 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -144,7 +143,6 @@ export class SetUserPoolMfaConfigCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "SetUserPoolMfaConfig", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/StartUserImportJobCommand.ts b/clients/client-cognito-identity-provider/src/commands/StartUserImportJobCommand.ts index beace221beb36..9a100776c8f10 100644 --- a/clients/client-cognito-identity-provider/src/commands/StartUserImportJobCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/StartUserImportJobCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -112,7 +111,6 @@ export class StartUserImportJobCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "StartUserImportJob", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/StopUserImportJobCommand.ts b/clients/client-cognito-identity-provider/src/commands/StopUserImportJobCommand.ts index 0d11cd99a88fc..64f86245d9000 100644 --- a/clients/client-cognito-identity-provider/src/commands/StopUserImportJobCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/StopUserImportJobCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -112,7 +111,6 @@ export class StopUserImportJobCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "StopUserImportJob", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/TagResourceCommand.ts b/clients/client-cognito-identity-provider/src/commands/TagResourceCommand.ts index 3326e1ebc830a..0de814ed8e7ab 100644 --- a/clients/client-cognito-identity-provider/src/commands/TagResourceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/TagResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -108,7 +107,6 @@ export class TagResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "TagResource", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts b/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts index 013196bd92d4c..66df2511cf705 100644 --- a/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -96,7 +95,6 @@ export class UntagResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UntagResource", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateGroupCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateGroupCommand.ts index 1fb50ad83fdc0..2fccf37d2d3b9 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateGroupCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateGroupCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -126,7 +125,6 @@ export class UpdateGroupCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateGroup", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateIdentityProviderCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateIdentityProviderCommand.ts index aab480f3548c7..90fe73d5d3c26 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateIdentityProviderCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateIdentityProviderCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -146,7 +145,6 @@ export class UpdateIdentityProviderCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateIdentityProvider", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts index 780df57914372..72d9c8ea0f3e7 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -136,7 +135,6 @@ export class UpdateResourceServerCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateResourceServer", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolClientCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolClientCommand.ts index fce2d824f3928..a78b21be979e8 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolClientCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolClientCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -234,7 +233,6 @@ export class UpdateUserPoolClientCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateUserPoolClient", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts index 6ce0206217dab..d6f99e8633112 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -254,7 +253,6 @@ export class UpdateUserPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateUserPool", {}) diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolDomainCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolDomainCommand.ts index 52335deb2ddcc..d07e2ae6510b6 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolDomainCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolDomainCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -136,7 +135,6 @@ export class UpdateUserPoolDomainCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityProviderService", "UpdateUserPoolDomain", {}) diff --git a/clients/client-cognito-identity-provider/src/extensionConfiguration.ts b/clients/client-cognito-identity-provider/src/extensionConfiguration.ts index f558fa3e18fb7..d117425c0ac55 100644 --- a/clients/client-cognito-identity-provider/src/extensionConfiguration.ts +++ b/clients/client-cognito-identity-provider/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CognitoIdentityProviderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cognito-identity-provider/src/runtimeConfig.shared.ts b/clients/client-cognito-identity-provider/src/runtimeConfig.shared.ts index 3e05396ce0f46..97bc623a46d16 100644 --- a/clients/client-cognito-identity-provider/src/runtimeConfig.shared.ts +++ b/clients/client-cognito-identity-provider/src/runtimeConfig.shared.ts @@ -1,9 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; +import { NoAuthSigner } from "@smithy/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCognitoIdentityProviderHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CognitoIdentityProviderClientConfig } from "./CognitoIdentityProviderClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +22,20 @@ export const getRuntimeConfig = (config: CognitoIdentityProviderClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCognitoIdentityProviderHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc: IdentityProviderConfig) => + ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new NoAuthSigner(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cognito Identity Provider", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cognito-identity-provider/src/runtimeExtensions.ts b/clients/client-cognito-identity-provider/src/runtimeExtensions.ts index af026f6a58bc5..f1bc85cade1d2 100644 --- a/clients/client-cognito-identity-provider/src/runtimeExtensions.ts +++ b/clients/client-cognito-identity-provider/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CognitoIdentityProviderExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cognito-identity/package.json b/clients/client-cognito-identity/package.json index 4f470a6fd1e8e..7171b9b6a8fb3 100644 --- a/clients/client-cognito-identity/package.json +++ b/clients/client-cognito-identity/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cognito-identity/src/CognitoIdentityClient.ts b/clients/client-cognito-identity/src/CognitoIdentityClient.ts index 61b33928a8504..88e949e86d218 100644 --- a/clients/client-cognito-identity/src/CognitoIdentityClient.ts +++ b/clients/client-cognito-identity/src/CognitoIdentityClient.ts @@ -7,15 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { AwsAuthInputConfig, AwsAuthResolvedConfig, resolveAwsAuthConfig } from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -27,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -43,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCognitoIdentityHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateIdentityPoolCommandInput, CreateIdentityPoolCommandOutput } from "./commands/CreateIdentityPoolCommand"; import { DeleteIdentitiesCommandInput, DeleteIdentitiesCommandOutput } from "./commands/DeleteIdentitiesCommand"; import { DeleteIdentityPoolCommandInput, DeleteIdentityPoolCommandOutput } from "./commands/DeleteIdentityPoolCommand"; @@ -253,21 +263,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -306,8 +317,8 @@ export type CognitoIdentityClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -326,8 +337,8 @@ export type CognitoIdentityClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -371,8 +382,8 @@ export class CognitoIdentityClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -382,6 +393,13 @@ export class CognitoIdentityClient extends __Client< this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -392,4 +410,13 @@ export class CognitoIdentityClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCognitoIdentityHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CognitoIdentityClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cognito-identity/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cognito-identity/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9cb320d9723a3 --- /dev/null +++ b/clients/client-cognito-identity/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CognitoIdentityHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CognitoIdentityHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CognitoIdentityHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cognito-identity/src/auth/httpAuthSchemeProvider.ts b/clients/client-cognito-identity/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bde34971bafc5 --- /dev/null +++ b/clients/client-cognito-identity/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,160 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CognitoIdentityClientConfig, CognitoIdentityClientResolvedConfig } from "../CognitoIdentityClient"; + +/** + * @internal + */ +export interface CognitoIdentityHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CognitoIdentityHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CognitoIdentityClientResolvedConfig, + HandlerExecutionContext, + CognitoIdentityHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCognitoIdentityHttpAuthSchemeParametersProvider = async ( + config: CognitoIdentityClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CognitoIdentityHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cognito-identity", + region: authParameters.region, + }, + propertiesExtractor: (config: CognitoIdentityClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +function createSmithyApiNoAuthHttpAuthOption(authParameters: CognitoIdentityHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "smithy.api#noAuth", + }; +} + +/** + * @internal + */ +export interface CognitoIdentityHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCognitoIdentityHttpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + case "GetCredentialsForIdentity": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GetId": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "GetOpenIdToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "UnlinkIdentity": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CognitoIdentityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CognitoIdentityHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cognito-identity/src/commands/CreateIdentityPoolCommand.ts b/clients/client-cognito-identity/src/commands/CreateIdentityPoolCommand.ts index 306ee96d7f970..399bfdd715f8a 100644 --- a/clients/client-cognito-identity/src/commands/CreateIdentityPoolCommand.ts +++ b/clients/client-cognito-identity/src/commands/CreateIdentityPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -162,7 +161,6 @@ export class CreateIdentityPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "CreateIdentityPool", {}) diff --git a/clients/client-cognito-identity/src/commands/DeleteIdentitiesCommand.ts b/clients/client-cognito-identity/src/commands/DeleteIdentitiesCommand.ts index 4f231c8f1f2be..3066bdae73418 100644 --- a/clients/client-cognito-identity/src/commands/DeleteIdentitiesCommand.ts +++ b/clients/client-cognito-identity/src/commands/DeleteIdentitiesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -90,7 +89,6 @@ export class DeleteIdentitiesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "DeleteIdentities", {}) diff --git a/clients/client-cognito-identity/src/commands/DeleteIdentityPoolCommand.ts b/clients/client-cognito-identity/src/commands/DeleteIdentityPoolCommand.ts index 0ff49fed9f62e..bab382d2e5efe 100644 --- a/clients/client-cognito-identity/src/commands/DeleteIdentityPoolCommand.ts +++ b/clients/client-cognito-identity/src/commands/DeleteIdentityPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -88,7 +87,6 @@ export class DeleteIdentityPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "DeleteIdentityPool", {}) diff --git a/clients/client-cognito-identity/src/commands/DescribeIdentityCommand.ts b/clients/client-cognito-identity/src/commands/DescribeIdentityCommand.ts index 114a2f087a2b2..96ae27b961e05 100644 --- a/clients/client-cognito-identity/src/commands/DescribeIdentityCommand.ts +++ b/clients/client-cognito-identity/src/commands/DescribeIdentityCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -95,7 +94,6 @@ export class DescribeIdentityCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "DescribeIdentity", {}) diff --git a/clients/client-cognito-identity/src/commands/DescribeIdentityPoolCommand.ts b/clients/client-cognito-identity/src/commands/DescribeIdentityPoolCommand.ts index 6388caf71f8a2..9cb1168d874f8 100644 --- a/clients/client-cognito-identity/src/commands/DescribeIdentityPoolCommand.ts +++ b/clients/client-cognito-identity/src/commands/DescribeIdentityPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -113,7 +112,6 @@ export class DescribeIdentityPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "DescribeIdentityPool", {}) diff --git a/clients/client-cognito-identity/src/commands/GetIdentityPoolRolesCommand.ts b/clients/client-cognito-identity/src/commands/GetIdentityPoolRolesCommand.ts index 29ccffc24f787..0a43cd15214d1 100644 --- a/clients/client-cognito-identity/src/commands/GetIdentityPoolRolesCommand.ts +++ b/clients/client-cognito-identity/src/commands/GetIdentityPoolRolesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -112,7 +111,6 @@ export class GetIdentityPoolRolesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "GetIdentityPoolRoles", {}) diff --git a/clients/client-cognito-identity/src/commands/GetOpenIdTokenForDeveloperIdentityCommand.ts b/clients/client-cognito-identity/src/commands/GetOpenIdTokenForDeveloperIdentityCommand.ts index 016121f132f9a..093d86e09597e 100644 --- a/clients/client-cognito-identity/src/commands/GetOpenIdTokenForDeveloperIdentityCommand.ts +++ b/clients/client-cognito-identity/src/commands/GetOpenIdTokenForDeveloperIdentityCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -125,7 +124,6 @@ export class GetOpenIdTokenForDeveloperIdentityCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "GetOpenIdTokenForDeveloperIdentity", {}) diff --git a/clients/client-cognito-identity/src/commands/GetPrincipalTagAttributeMapCommand.ts b/clients/client-cognito-identity/src/commands/GetPrincipalTagAttributeMapCommand.ts index ff16a206ee8e7..203428ae702a3 100644 --- a/clients/client-cognito-identity/src/commands/GetPrincipalTagAttributeMapCommand.ts +++ b/clients/client-cognito-identity/src/commands/GetPrincipalTagAttributeMapCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -96,7 +95,6 @@ export class GetPrincipalTagAttributeMapCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "GetPrincipalTagAttributeMap", {}) diff --git a/clients/client-cognito-identity/src/commands/ListIdentitiesCommand.ts b/clients/client-cognito-identity/src/commands/ListIdentitiesCommand.ts index 873751ad13667..c3a4ca3068e94 100644 --- a/clients/client-cognito-identity/src/commands/ListIdentitiesCommand.ts +++ b/clients/client-cognito-identity/src/commands/ListIdentitiesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -103,7 +102,6 @@ export class ListIdentitiesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "ListIdentities", {}) diff --git a/clients/client-cognito-identity/src/commands/ListIdentityPoolsCommand.ts b/clients/client-cognito-identity/src/commands/ListIdentityPoolsCommand.ts index cf806b3537c2c..8f7985f8fe7a7 100644 --- a/clients/client-cognito-identity/src/commands/ListIdentityPoolsCommand.ts +++ b/clients/client-cognito-identity/src/commands/ListIdentityPoolsCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -96,7 +95,6 @@ export class ListIdentityPoolsCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "ListIdentityPools", {}) diff --git a/clients/client-cognito-identity/src/commands/ListTagsForResourceCommand.ts b/clients/client-cognito-identity/src/commands/ListTagsForResourceCommand.ts index 1b3ccd358d6b6..d8f73dcadfe35 100644 --- a/clients/client-cognito-identity/src/commands/ListTagsForResourceCommand.ts +++ b/clients/client-cognito-identity/src/commands/ListTagsForResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -93,7 +92,6 @@ export class ListTagsForResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "ListTagsForResource", {}) diff --git a/clients/client-cognito-identity/src/commands/LookupDeveloperIdentityCommand.ts b/clients/client-cognito-identity/src/commands/LookupDeveloperIdentityCommand.ts index 65860f83dc5d7..e66ca803eade3 100644 --- a/clients/client-cognito-identity/src/commands/LookupDeveloperIdentityCommand.ts +++ b/clients/client-cognito-identity/src/commands/LookupDeveloperIdentityCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -116,7 +115,6 @@ export class LookupDeveloperIdentityCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "LookupDeveloperIdentity", {}) diff --git a/clients/client-cognito-identity/src/commands/MergeDeveloperIdentitiesCommand.ts b/clients/client-cognito-identity/src/commands/MergeDeveloperIdentitiesCommand.ts index b988fc80b7ec3..46518ef1973e3 100644 --- a/clients/client-cognito-identity/src/commands/MergeDeveloperIdentitiesCommand.ts +++ b/clients/client-cognito-identity/src/commands/MergeDeveloperIdentitiesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -107,7 +106,6 @@ export class MergeDeveloperIdentitiesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "MergeDeveloperIdentities", {}) diff --git a/clients/client-cognito-identity/src/commands/SetIdentityPoolRolesCommand.ts b/clients/client-cognito-identity/src/commands/SetIdentityPoolRolesCommand.ts index 674eda33262a6..6a06d69f7663b 100644 --- a/clients/client-cognito-identity/src/commands/SetIdentityPoolRolesCommand.ts +++ b/clients/client-cognito-identity/src/commands/SetIdentityPoolRolesCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -113,7 +112,6 @@ export class SetIdentityPoolRolesCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "SetIdentityPoolRoles", {}) diff --git a/clients/client-cognito-identity/src/commands/SetPrincipalTagAttributeMapCommand.ts b/clients/client-cognito-identity/src/commands/SetPrincipalTagAttributeMapCommand.ts index 0f1ceb8fdb956..6e0b1399becfb 100644 --- a/clients/client-cognito-identity/src/commands/SetPrincipalTagAttributeMapCommand.ts +++ b/clients/client-cognito-identity/src/commands/SetPrincipalTagAttributeMapCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -100,7 +99,6 @@ export class SetPrincipalTagAttributeMapCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "SetPrincipalTagAttributeMap", {}) diff --git a/clients/client-cognito-identity/src/commands/TagResourceCommand.ts b/clients/client-cognito-identity/src/commands/TagResourceCommand.ts index bc71cc40654c4..8bb27d8a2d0a6 100644 --- a/clients/client-cognito-identity/src/commands/TagResourceCommand.ts +++ b/clients/client-cognito-identity/src/commands/TagResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -103,7 +102,6 @@ export class TagResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "TagResource", {}) diff --git a/clients/client-cognito-identity/src/commands/UnlinkDeveloperIdentityCommand.ts b/clients/client-cognito-identity/src/commands/UnlinkDeveloperIdentityCommand.ts index 135d18e8af3f2..0aae7fdc53c7e 100644 --- a/clients/client-cognito-identity/src/commands/UnlinkDeveloperIdentityCommand.ts +++ b/clients/client-cognito-identity/src/commands/UnlinkDeveloperIdentityCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -97,7 +96,6 @@ export class UnlinkDeveloperIdentityCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "UnlinkDeveloperIdentity", {}) diff --git a/clients/client-cognito-identity/src/commands/UntagResourceCommand.ts b/clients/client-cognito-identity/src/commands/UntagResourceCommand.ts index df27d8621bce0..b814df76cc038 100644 --- a/clients/client-cognito-identity/src/commands/UntagResourceCommand.ts +++ b/clients/client-cognito-identity/src/commands/UntagResourceCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -90,7 +89,6 @@ export class UntagResourceCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "UntagResource", {}) diff --git a/clients/client-cognito-identity/src/commands/UpdateIdentityPoolCommand.ts b/clients/client-cognito-identity/src/commands/UpdateIdentityPoolCommand.ts index 8391b1fd81bd9..d1997651ff936 100644 --- a/clients/client-cognito-identity/src/commands/UpdateIdentityPoolCommand.ts +++ b/clients/client-cognito-identity/src/commands/UpdateIdentityPoolCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -145,7 +144,6 @@ export class UpdateIdentityPoolCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSCognitoIdentityService", "UpdateIdentityPool", {}) diff --git a/clients/client-cognito-identity/src/extensionConfiguration.ts b/clients/client-cognito-identity/src/extensionConfiguration.ts index 4fde020b0671a..610fbb6b7d20f 100644 --- a/clients/client-cognito-identity/src/extensionConfiguration.ts +++ b/clients/client-cognito-identity/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CognitoIdentityExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cognito-identity/src/runtimeConfig.shared.ts b/clients/client-cognito-identity/src/runtimeConfig.shared.ts index a627873001029..12e2adab9d4aa 100644 --- a/clients/client-cognito-identity/src/runtimeConfig.shared.ts +++ b/clients/client-cognito-identity/src/runtimeConfig.shared.ts @@ -1,9 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; +import { NoAuthSigner } from "@smithy/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCognitoIdentityHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CognitoIdentityClientConfig } from "./CognitoIdentityClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +22,20 @@ export const getRuntimeConfig = (config: CognitoIdentityClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCognitoIdentityHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc: IdentityProviderConfig) => + ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new NoAuthSigner(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cognito Identity", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cognito-identity/src/runtimeExtensions.ts b/clients/client-cognito-identity/src/runtimeExtensions.ts index 75e58ad619b46..e56854cbc482a 100644 --- a/clients/client-cognito-identity/src/runtimeExtensions.ts +++ b/clients/client-cognito-identity/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CognitoIdentityExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cognito-sync/package.json b/clients/client-cognito-sync/package.json index 4c0294ca87eea..66b367a33eb87 100644 --- a/clients/client-cognito-sync/package.json +++ b/clients/client-cognito-sync/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cognito-sync/src/CognitoSyncClient.ts b/clients/client-cognito-sync/src/CognitoSyncClient.ts index 47b1145552881..ef1ea47cd23cc 100644 --- a/clients/client-cognito-sync/src/CognitoSyncClient.ts +++ b/clients/client-cognito-sync/src/CognitoSyncClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCognitoSyncHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BulkPublishCommandInput, BulkPublishCommandOutput } from "./commands/BulkPublishCommand"; import { DeleteDatasetCommandInput, DeleteDatasetCommandOutput } from "./commands/DeleteDatasetCommand"; import { DescribeDatasetCommandInput, DescribeDatasetCommandOutput } from "./commands/DescribeDatasetCommand"; @@ -228,21 +233,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -281,8 +287,8 @@ export type CognitoSyncClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export type CognitoSyncClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -345,8 +351,8 @@ export class CognitoSyncClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -355,8 +361,14 @@ export class CognitoSyncClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -367,4 +379,13 @@ export class CognitoSyncClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCognitoSyncHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CognitoSyncClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cognito-sync/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cognito-sync/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..46581cf676f1c --- /dev/null +++ b/clients/client-cognito-sync/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CognitoSyncHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoSyncHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CognitoSyncHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CognitoSyncHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CognitoSyncHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CognitoSyncHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cognito-sync/src/auth/httpAuthSchemeProvider.ts b/clients/client-cognito-sync/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b426d1c96f28b --- /dev/null +++ b/clients/client-cognito-sync/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CognitoSyncClientConfig, CognitoSyncClientResolvedConfig } from "../CognitoSyncClient"; + +/** + * @internal + */ +export interface CognitoSyncHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CognitoSyncHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CognitoSyncClientResolvedConfig, + HandlerExecutionContext, + CognitoSyncHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCognitoSyncHttpAuthSchemeParametersProvider = async ( + config: CognitoSyncClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CognitoSyncHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cognito-sync", + region: authParameters.region, + }, + propertiesExtractor: (config: CognitoSyncClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CognitoSyncHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCognitoSyncHttpAuthSchemeProvider: CognitoSyncHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CognitoSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CognitoSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cognito-sync/src/extensionConfiguration.ts b/clients/client-cognito-sync/src/extensionConfiguration.ts index 61c3dfda7d760..f479832a6039c 100644 --- a/clients/client-cognito-sync/src/extensionConfiguration.ts +++ b/clients/client-cognito-sync/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CognitoSyncExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cognito-sync/src/runtimeConfig.shared.ts b/clients/client-cognito-sync/src/runtimeConfig.shared.ts index 7515fcdfade0d..d52d2c09d2713 100644 --- a/clients/client-cognito-sync/src/runtimeConfig.shared.ts +++ b/clients/client-cognito-sync/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCognitoSyncHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CognitoSyncClientConfig } from "./CognitoSyncClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CognitoSyncClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCognitoSyncHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cognito Sync", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cognito-sync/src/runtimeExtensions.ts b/clients/client-cognito-sync/src/runtimeExtensions.ts index 366fe24814315..3666cf6d527d4 100644 --- a/clients/client-cognito-sync/src/runtimeExtensions.ts +++ b/clients/client-cognito-sync/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CognitoSyncExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-comprehend/package.json b/clients/client-comprehend/package.json index 363085dfe8ad6..0966c7cc10918 100644 --- a/clients/client-comprehend/package.json +++ b/clients/client-comprehend/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-comprehend/src/ComprehendClient.ts b/clients/client-comprehend/src/ComprehendClient.ts index 247e460c2b084..3e6c029e835a7 100644 --- a/clients/client-comprehend/src/ComprehendClient.ts +++ b/clients/client-comprehend/src/ComprehendClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultComprehendHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDetectDominantLanguageCommandInput, BatchDetectDominantLanguageCommandOutput, @@ -591,21 +596,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -644,8 +650,8 @@ export type ComprehendClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -664,8 +670,8 @@ export type ComprehendClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -699,8 +705,8 @@ export class ComprehendClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -709,8 +715,14 @@ export class ComprehendClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -721,4 +733,13 @@ export class ComprehendClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultComprehendHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ComprehendClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-comprehend/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-comprehend/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5eb92709ff671 --- /dev/null +++ b/clients/client-comprehend/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ComprehendHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComprehendHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ComprehendHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ComprehendHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComprehendHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ComprehendHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-comprehend/src/auth/httpAuthSchemeProvider.ts b/clients/client-comprehend/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4f21e4d786c58 --- /dev/null +++ b/clients/client-comprehend/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ComprehendClientConfig, ComprehendClientResolvedConfig } from "../ComprehendClient"; + +/** + * @internal + */ +export interface ComprehendHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ComprehendHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ComprehendClientResolvedConfig, + HandlerExecutionContext, + ComprehendHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultComprehendHttpAuthSchemeParametersProvider = async ( + config: ComprehendClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ComprehendHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "comprehend", + region: authParameters.region, + }, + propertiesExtractor: (config: ComprehendClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ComprehendHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultComprehendHttpAuthSchemeProvider: ComprehendHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ComprehendHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ComprehendHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-comprehend/src/extensionConfiguration.ts b/clients/client-comprehend/src/extensionConfiguration.ts index 0ae59ef90ea90..fa3c624e4b004 100644 --- a/clients/client-comprehend/src/extensionConfiguration.ts +++ b/clients/client-comprehend/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ComprehendExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-comprehend/src/runtimeConfig.shared.ts b/clients/client-comprehend/src/runtimeConfig.shared.ts index d921f82ab026c..bbc93dde02707 100644 --- a/clients/client-comprehend/src/runtimeConfig.shared.ts +++ b/clients/client-comprehend/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultComprehendHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ComprehendClientConfig } from "./ComprehendClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ComprehendClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultComprehendHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Comprehend", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-comprehend/src/runtimeExtensions.ts b/clients/client-comprehend/src/runtimeExtensions.ts index 7fc0492e2c389..5fe27ebb3758b 100644 --- a/clients/client-comprehend/src/runtimeExtensions.ts +++ b/clients/client-comprehend/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ComprehendExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-comprehendmedical/package.json b/clients/client-comprehendmedical/package.json index 671eab42dd5e7..07e421a80fa3c 100644 --- a/clients/client-comprehendmedical/package.json +++ b/clients/client-comprehendmedical/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-comprehendmedical/src/ComprehendMedicalClient.ts b/clients/client-comprehendmedical/src/ComprehendMedicalClient.ts index 5f14244aa5c45..30187c86b516e 100644 --- a/clients/client-comprehendmedical/src/ComprehendMedicalClient.ts +++ b/clients/client-comprehendmedical/src/ComprehendMedicalClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultComprehendMedicalHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeEntitiesDetectionV2JobCommandInput, DescribeEntitiesDetectionV2JobCommandOutput, @@ -294,21 +299,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -347,8 +353,8 @@ export type ComprehendMedicalClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -367,8 +373,8 @@ export type ComprehendMedicalClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -399,8 +405,8 @@ export class ComprehendMedicalClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -409,8 +415,14 @@ export class ComprehendMedicalClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -421,4 +433,13 @@ export class ComprehendMedicalClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultComprehendMedicalHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ComprehendMedicalClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-comprehendmedical/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-comprehendmedical/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b03529414a058 --- /dev/null +++ b/clients/client-comprehendmedical/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ComprehendMedicalHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComprehendMedicalHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ComprehendMedicalHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ComprehendMedicalHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComprehendMedicalHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ComprehendMedicalHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-comprehendmedical/src/auth/httpAuthSchemeProvider.ts b/clients/client-comprehendmedical/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0ddbc9e3fb9d1 --- /dev/null +++ b/clients/client-comprehendmedical/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ComprehendMedicalClientConfig, ComprehendMedicalClientResolvedConfig } from "../ComprehendMedicalClient"; + +/** + * @internal + */ +export interface ComprehendMedicalHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ComprehendMedicalHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ComprehendMedicalClientResolvedConfig, + HandlerExecutionContext, + ComprehendMedicalHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultComprehendMedicalHttpAuthSchemeParametersProvider = async ( + config: ComprehendMedicalClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ComprehendMedicalHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "comprehendmedical", + region: authParameters.region, + }, + propertiesExtractor: (config: ComprehendMedicalClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ComprehendMedicalHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultComprehendMedicalHttpAuthSchemeProvider: ComprehendMedicalHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ComprehendMedicalHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ComprehendMedicalHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-comprehendmedical/src/extensionConfiguration.ts b/clients/client-comprehendmedical/src/extensionConfiguration.ts index fcbfa47e2d64d..da33fb4c140b5 100644 --- a/clients/client-comprehendmedical/src/extensionConfiguration.ts +++ b/clients/client-comprehendmedical/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ComprehendMedicalExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-comprehendmedical/src/runtimeConfig.shared.ts b/clients/client-comprehendmedical/src/runtimeConfig.shared.ts index 21e23ee8eb243..cfc24c3570f51 100644 --- a/clients/client-comprehendmedical/src/runtimeConfig.shared.ts +++ b/clients/client-comprehendmedical/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultComprehendMedicalHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ComprehendMedicalClientConfig } from "./ComprehendMedicalClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ComprehendMedicalClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultComprehendMedicalHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ComprehendMedical", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-comprehendmedical/src/runtimeExtensions.ts b/clients/client-comprehendmedical/src/runtimeExtensions.ts index d47c77cfcf8c5..ac6209ce78dd0 100644 --- a/clients/client-comprehendmedical/src/runtimeExtensions.ts +++ b/clients/client-comprehendmedical/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ComprehendMedicalExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-compute-optimizer/package.json b/clients/client-compute-optimizer/package.json index ff97b08cd670a..722cfabfe279d 100644 --- a/clients/client-compute-optimizer/package.json +++ b/clients/client-compute-optimizer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-compute-optimizer/src/ComputeOptimizerClient.ts b/clients/client-compute-optimizer/src/ComputeOptimizerClient.ts index ccf56ff12e280..a0a50f1b40530 100644 --- a/clients/client-compute-optimizer/src/ComputeOptimizerClient.ts +++ b/clients/client-compute-optimizer/src/ComputeOptimizerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultComputeOptimizerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteRecommendationPreferencesCommandInput, DeleteRecommendationPreferencesCommandOutput, @@ -294,21 +299,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -347,8 +353,8 @@ export type ComputeOptimizerClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -367,8 +373,8 @@ export type ComputeOptimizerClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -410,8 +416,8 @@ export class ComputeOptimizerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -420,8 +426,14 @@ export class ComputeOptimizerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -432,4 +444,13 @@ export class ComputeOptimizerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultComputeOptimizerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ComputeOptimizerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-compute-optimizer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-compute-optimizer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fe1bd12618544 --- /dev/null +++ b/clients/client-compute-optimizer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ComputeOptimizerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComputeOptimizerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ComputeOptimizerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ComputeOptimizerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ComputeOptimizerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ComputeOptimizerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-compute-optimizer/src/auth/httpAuthSchemeProvider.ts b/clients/client-compute-optimizer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9c828889a4425 --- /dev/null +++ b/clients/client-compute-optimizer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ComputeOptimizerClientConfig, ComputeOptimizerClientResolvedConfig } from "../ComputeOptimizerClient"; + +/** + * @internal + */ +export interface ComputeOptimizerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ComputeOptimizerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ComputeOptimizerClientResolvedConfig, + HandlerExecutionContext, + ComputeOptimizerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultComputeOptimizerHttpAuthSchemeParametersProvider = async ( + config: ComputeOptimizerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ComputeOptimizerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "compute-optimizer", + region: authParameters.region, + }, + propertiesExtractor: (config: ComputeOptimizerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ComputeOptimizerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultComputeOptimizerHttpAuthSchemeProvider: ComputeOptimizerHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ComputeOptimizerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ComputeOptimizerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-compute-optimizer/src/extensionConfiguration.ts b/clients/client-compute-optimizer/src/extensionConfiguration.ts index 81b32706a8c40..ecb27161af550 100644 --- a/clients/client-compute-optimizer/src/extensionConfiguration.ts +++ b/clients/client-compute-optimizer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ComputeOptimizerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-compute-optimizer/src/runtimeConfig.shared.ts b/clients/client-compute-optimizer/src/runtimeConfig.shared.ts index b1a4513899510..914856115d084 100644 --- a/clients/client-compute-optimizer/src/runtimeConfig.shared.ts +++ b/clients/client-compute-optimizer/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultComputeOptimizerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ComputeOptimizerClientConfig } from "./ComputeOptimizerClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ComputeOptimizerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultComputeOptimizerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Compute Optimizer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-compute-optimizer/src/runtimeExtensions.ts b/clients/client-compute-optimizer/src/runtimeExtensions.ts index e8f5fca9cccf3..949109cf3f944 100644 --- a/clients/client-compute-optimizer/src/runtimeExtensions.ts +++ b/clients/client-compute-optimizer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ComputeOptimizerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-config-service/package.json b/clients/client-config-service/package.json index 09b969b846765..703698aaa7395 100644 --- a/clients/client-config-service/package.json +++ b/clients/client-config-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-config-service/src/ConfigServiceClient.ts b/clients/client-config-service/src/ConfigServiceClient.ts index 823bf49968b5e..51e0b4e8f74b8 100644 --- a/clients/client-config-service/src/ConfigServiceClient.ts +++ b/clients/client-config-service/src/ConfigServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConfigServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetAggregateResourceConfigCommandInput, BatchGetAggregateResourceConfigCommandOutput, @@ -672,21 +677,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -725,8 +731,8 @@ export type ConfigServiceClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -745,8 +751,8 @@ export type ConfigServiceClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -797,8 +803,8 @@ export class ConfigServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -807,8 +813,14 @@ export class ConfigServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -819,4 +831,13 @@ export class ConfigServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConfigServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConfigServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-config-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-config-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..df05c9010a761 --- /dev/null +++ b/clients/client-config-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConfigServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConfigServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConfigServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConfigServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConfigServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConfigServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-config-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-config-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7fee7d953d1f5 --- /dev/null +++ b/clients/client-config-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConfigServiceClientConfig, ConfigServiceClientResolvedConfig } from "../ConfigServiceClient"; + +/** + * @internal + */ +export interface ConfigServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConfigServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConfigServiceClientResolvedConfig, + HandlerExecutionContext, + ConfigServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConfigServiceHttpAuthSchemeParametersProvider = async ( + config: ConfigServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConfigServiceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "config", + region: authParameters.region, + }, + propertiesExtractor: (config: ConfigServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConfigServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConfigServiceHttpAuthSchemeProvider: ConfigServiceHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConfigServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConfigServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-config-service/src/extensionConfiguration.ts b/clients/client-config-service/src/extensionConfiguration.ts index 0519761580740..31b25b9931986 100644 --- a/clients/client-config-service/src/extensionConfiguration.ts +++ b/clients/client-config-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConfigServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-config-service/src/runtimeConfig.shared.ts b/clients/client-config-service/src/runtimeConfig.shared.ts index 5415bdabff79d..62d587a689163 100644 --- a/clients/client-config-service/src/runtimeConfig.shared.ts +++ b/clients/client-config-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConfigServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConfigServiceClientConfig } from "./ConfigServiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConfigServiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConfigServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Config Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-config-service/src/runtimeExtensions.ts b/clients/client-config-service/src/runtimeExtensions.ts index edd2f8ae95ec0..ce6037c5e99a8 100644 --- a/clients/client-config-service/src/runtimeExtensions.ts +++ b/clients/client-config-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConfigServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-connect-contact-lens/package.json b/clients/client-connect-contact-lens/package.json index fab33e867feb0..a447021d57981 100644 --- a/clients/client-connect-contact-lens/package.json +++ b/clients/client-connect-contact-lens/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-connect-contact-lens/src/ConnectContactLensClient.ts b/clients/client-connect-contact-lens/src/ConnectContactLensClient.ts index c67b42cd84e2d..a497a297c5351 100644 --- a/clients/client-connect-contact-lens/src/ConnectContactLensClient.ts +++ b/clients/client-connect-contact-lens/src/ConnectContactLensClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConnectContactLensHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ListRealtimeContactAnalysisSegmentsCommandInput, ListRealtimeContactAnalysisSegmentsCommandOutput, @@ -160,21 +165,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -213,8 +219,8 @@ export type ConnectContactLensClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -233,8 +239,8 @@ export type ConnectContactLensClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -271,8 +277,8 @@ export class ConnectContactLensClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -281,8 +287,14 @@ export class ConnectContactLensClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -293,4 +305,13 @@ export class ConnectContactLensClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConnectContactLensHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConnectContactLensClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-connect-contact-lens/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-connect-contact-lens/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6421019dac567 --- /dev/null +++ b/clients/client-connect-contact-lens/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConnectContactLensHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectContactLensHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConnectContactLensHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConnectContactLensHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectContactLensHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConnectContactLensHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-connect-contact-lens/src/auth/httpAuthSchemeProvider.ts b/clients/client-connect-contact-lens/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..43a81df0cd748 --- /dev/null +++ b/clients/client-connect-contact-lens/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConnectContactLensClientConfig, ConnectContactLensClientResolvedConfig } from "../ConnectContactLensClient"; + +/** + * @internal + */ +export interface ConnectContactLensHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConnectContactLensHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConnectContactLensClientResolvedConfig, + HandlerExecutionContext, + ConnectContactLensHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConnectContactLensHttpAuthSchemeParametersProvider = async ( + config: ConnectContactLensClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConnectContactLensHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "connect", + region: authParameters.region, + }, + propertiesExtractor: (config: ConnectContactLensClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConnectContactLensHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConnectContactLensHttpAuthSchemeProvider: ConnectContactLensHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConnectContactLensHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConnectContactLensHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-connect-contact-lens/src/extensionConfiguration.ts b/clients/client-connect-contact-lens/src/extensionConfiguration.ts index ec1847c6b18fd..10fcd53aba62e 100644 --- a/clients/client-connect-contact-lens/src/extensionConfiguration.ts +++ b/clients/client-connect-contact-lens/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConnectContactLensExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-connect-contact-lens/src/runtimeConfig.shared.ts b/clients/client-connect-contact-lens/src/runtimeConfig.shared.ts index a36fc2a08f973..f80909f6a0f04 100644 --- a/clients/client-connect-contact-lens/src/runtimeConfig.shared.ts +++ b/clients/client-connect-contact-lens/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConnectContactLensHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConnectContactLensClientConfig } from "./ConnectContactLensClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConnectContactLensClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConnectContactLensHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Connect Contact Lens", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-connect-contact-lens/src/runtimeExtensions.ts b/clients/client-connect-contact-lens/src/runtimeExtensions.ts index 73078b259315a..7a4eaf4f88cae 100644 --- a/clients/client-connect-contact-lens/src/runtimeExtensions.ts +++ b/clients/client-connect-contact-lens/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConnectContactLensExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-connect/package.json b/clients/client-connect/package.json index cb7cb6aefb3be..6f12cadb78ae2 100644 --- a/clients/client-connect/package.json +++ b/clients/client-connect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-connect/src/ConnectClient.ts b/clients/client-connect/src/ConnectClient.ts index a584a9787e58f..7f0237f8381b0 100644 --- a/clients/client-connect/src/ConnectClient.ts +++ b/clients/client-connect/src/ConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivateEvaluationFormCommandInput, ActivateEvaluationFormCommandOutput, @@ -1317,21 +1322,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1370,8 +1376,8 @@ export type ConnectClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1390,8 +1396,8 @@ export type ConnectClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1432,8 +1438,8 @@ export class ConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1442,8 +1448,14 @@ export class ConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1454,4 +1466,13 @@ export class ConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-connect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-connect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4c7d160348bc9 --- /dev/null +++ b/clients/client-connect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-connect/src/auth/httpAuthSchemeProvider.ts b/clients/client-connect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a11f18b557bab --- /dev/null +++ b/clients/client-connect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConnectClientConfig, ConnectClientResolvedConfig } from "../ConnectClient"; + +/** + * @internal + */ +export interface ConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConnectClientResolvedConfig, + HandlerExecutionContext, + ConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConnectHttpAuthSchemeParametersProvider = async ( + config: ConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "connect", + region: authParameters.region, + }, + propertiesExtractor: (config: ConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConnectHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConnectHttpAuthSchemeProvider: ConnectHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-connect/src/extensionConfiguration.ts b/clients/client-connect/src/extensionConfiguration.ts index d380de60f82a4..a69d51588f454 100644 --- a/clients/client-connect/src/extensionConfiguration.ts +++ b/clients/client-connect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-connect/src/runtimeConfig.shared.ts b/clients/client-connect/src/runtimeConfig.shared.ts index f07f77f25892b..57072420fe370 100644 --- a/clients/client-connect/src/runtimeConfig.shared.ts +++ b/clients/client-connect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConnectClientConfig } from "./ConnectClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Connect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-connect/src/runtimeExtensions.ts b/clients/client-connect/src/runtimeExtensions.ts index 83596c7e79e95..9266b15c7654c 100644 --- a/clients/client-connect/src/runtimeExtensions.ts +++ b/clients/client-connect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-connectcampaigns/package.json b/clients/client-connectcampaigns/package.json index 810c2d3052d74..9e7f172671e53 100644 --- a/clients/client-connectcampaigns/package.json +++ b/clients/client-connectcampaigns/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-connectcampaigns/src/ConnectCampaignsClient.ts b/clients/client-connectcampaigns/src/ConnectCampaignsClient.ts index acb3d648f805e..4111ac9f0d1e8 100644 --- a/clients/client-connectcampaigns/src/ConnectCampaignsClient.ts +++ b/clients/client-connectcampaigns/src/ConnectCampaignsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConnectCampaignsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCampaignCommandInput, CreateCampaignCommandOutput } from "./commands/CreateCampaignCommand"; import { DeleteCampaignCommandInput, DeleteCampaignCommandOutput } from "./commands/DeleteCampaignCommand"; import { @@ -252,21 +257,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -305,8 +311,8 @@ export type ConnectCampaignsClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -325,8 +331,8 @@ export type ConnectCampaignsClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -357,8 +363,8 @@ export class ConnectCampaignsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -367,8 +373,14 @@ export class ConnectCampaignsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -379,4 +391,13 @@ export class ConnectCampaignsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConnectCampaignsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConnectCampaignsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-connectcampaigns/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-connectcampaigns/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8ade320d98539 --- /dev/null +++ b/clients/client-connectcampaigns/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConnectCampaignsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectCampaignsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConnectCampaignsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConnectCampaignsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectCampaignsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConnectCampaignsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-connectcampaigns/src/auth/httpAuthSchemeProvider.ts b/clients/client-connectcampaigns/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bd093ea388300 --- /dev/null +++ b/clients/client-connectcampaigns/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConnectCampaignsClientConfig, ConnectCampaignsClientResolvedConfig } from "../ConnectCampaignsClient"; + +/** + * @internal + */ +export interface ConnectCampaignsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConnectCampaignsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConnectCampaignsClientResolvedConfig, + HandlerExecutionContext, + ConnectCampaignsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConnectCampaignsHttpAuthSchemeParametersProvider = async ( + config: ConnectCampaignsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConnectCampaignsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "connect-campaigns", + region: authParameters.region, + }, + propertiesExtractor: (config: ConnectCampaignsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConnectCampaignsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConnectCampaignsHttpAuthSchemeProvider: ConnectCampaignsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConnectCampaignsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConnectCampaignsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-connectcampaigns/src/extensionConfiguration.ts b/clients/client-connectcampaigns/src/extensionConfiguration.ts index 61e6337f8e049..98ad7af612e16 100644 --- a/clients/client-connectcampaigns/src/extensionConfiguration.ts +++ b/clients/client-connectcampaigns/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConnectCampaignsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-connectcampaigns/src/runtimeConfig.shared.ts b/clients/client-connectcampaigns/src/runtimeConfig.shared.ts index 8f2850248c5a6..d0b0b0240395e 100644 --- a/clients/client-connectcampaigns/src/runtimeConfig.shared.ts +++ b/clients/client-connectcampaigns/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConnectCampaignsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConnectCampaignsClientConfig } from "./ConnectCampaignsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConnectCampaignsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConnectCampaignsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ConnectCampaigns", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-connectcampaigns/src/runtimeExtensions.ts b/clients/client-connectcampaigns/src/runtimeExtensions.ts index b8f2efb678f97..7de5162879303 100644 --- a/clients/client-connectcampaigns/src/runtimeExtensions.ts +++ b/clients/client-connectcampaigns/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConnectCampaignsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-connectcases/package.json b/clients/client-connectcases/package.json index aac6d6fa0bc8e..c4ae9b80ce594 100644 --- a/clients/client-connectcases/package.json +++ b/clients/client-connectcases/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-connectcases/src/ConnectCasesClient.ts b/clients/client-connectcases/src/ConnectCasesClient.ts index 8721651110239..fc60e73254f9d 100644 --- a/clients/client-connectcases/src/ConnectCasesClient.ts +++ b/clients/client-connectcases/src/ConnectCasesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConnectCasesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetFieldCommandInput, BatchGetFieldCommandOutput } from "./commands/BatchGetFieldCommand"; import { BatchPutFieldOptionsCommandInput, @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type ConnectCasesClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type ConnectCasesClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -373,8 +379,8 @@ export class ConnectCasesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -383,8 +389,14 @@ export class ConnectCasesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -395,4 +407,13 @@ export class ConnectCasesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConnectCasesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConnectCasesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-connectcases/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-connectcases/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c14f635d1daa7 --- /dev/null +++ b/clients/client-connectcases/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConnectCasesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectCasesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConnectCasesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConnectCasesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectCasesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConnectCasesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-connectcases/src/auth/httpAuthSchemeProvider.ts b/clients/client-connectcases/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..be04596785971 --- /dev/null +++ b/clients/client-connectcases/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConnectCasesClientConfig, ConnectCasesClientResolvedConfig } from "../ConnectCasesClient"; + +/** + * @internal + */ +export interface ConnectCasesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConnectCasesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConnectCasesClientResolvedConfig, + HandlerExecutionContext, + ConnectCasesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConnectCasesHttpAuthSchemeParametersProvider = async ( + config: ConnectCasesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConnectCasesHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cases", + region: authParameters.region, + }, + propertiesExtractor: (config: ConnectCasesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConnectCasesHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConnectCasesHttpAuthSchemeProvider: ConnectCasesHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConnectCasesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConnectCasesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-connectcases/src/extensionConfiguration.ts b/clients/client-connectcases/src/extensionConfiguration.ts index 0b61cd1c573fd..53d4d4f208819 100644 --- a/clients/client-connectcases/src/extensionConfiguration.ts +++ b/clients/client-connectcases/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConnectCasesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-connectcases/src/runtimeConfig.shared.ts b/clients/client-connectcases/src/runtimeConfig.shared.ts index 7d48e61ffa56e..b7a07060f4c00 100644 --- a/clients/client-connectcases/src/runtimeConfig.shared.ts +++ b/clients/client-connectcases/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConnectCasesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConnectCasesClientConfig } from "./ConnectCasesClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConnectCasesClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConnectCasesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ConnectCases", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-connectcases/src/runtimeExtensions.ts b/clients/client-connectcases/src/runtimeExtensions.ts index 82cb151daf3c6..ebe60aab1196b 100644 --- a/clients/client-connectcases/src/runtimeExtensions.ts +++ b/clients/client-connectcases/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConnectCasesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-connectparticipant/package.json b/clients/client-connectparticipant/package.json index eb27dbc952e9b..cdee279b8ee1c 100644 --- a/clients/client-connectparticipant/package.json +++ b/clients/client-connectparticipant/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-connectparticipant/src/ConnectParticipantClient.ts b/clients/client-connectparticipant/src/ConnectParticipantClient.ts index 6becb9537ee03..1e46de1f28f9f 100644 --- a/clients/client-connectparticipant/src/ConnectParticipantClient.ts +++ b/clients/client-connectparticipant/src/ConnectParticipantClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { @@ -38,6 +36,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultConnectParticipantHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CompleteAttachmentUploadCommandInput, CompleteAttachmentUploadCommandOutput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type ConnectParticipantClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type ConnectParticipantClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -314,8 +320,8 @@ export class ConnectParticipantClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -324,9 +330,15 @@ export class ConnectParticipantClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); this.middlewareStack.use(getOmitRetryHeadersPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -337,4 +349,13 @@ export class ConnectParticipantClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultConnectParticipantHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ConnectParticipantClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-connectparticipant/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-connectparticipant/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..353a506a85f7e --- /dev/null +++ b/clients/client-connectparticipant/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ConnectParticipantHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectParticipantHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ConnectParticipantHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ConnectParticipantHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ConnectParticipantHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ConnectParticipantHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-connectparticipant/src/auth/httpAuthSchemeProvider.ts b/clients/client-connectparticipant/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4bd5c0327533e --- /dev/null +++ b/clients/client-connectparticipant/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ConnectParticipantClientConfig, ConnectParticipantClientResolvedConfig } from "../ConnectParticipantClient"; + +/** + * @internal + */ +export interface ConnectParticipantHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ConnectParticipantHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ConnectParticipantClientResolvedConfig, + HandlerExecutionContext, + ConnectParticipantHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultConnectParticipantHttpAuthSchemeParametersProvider = async ( + config: ConnectParticipantClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ConnectParticipantHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "execute-api", + region: authParameters.region, + }, + propertiesExtractor: (config: ConnectParticipantClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ConnectParticipantHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultConnectParticipantHttpAuthSchemeProvider: ConnectParticipantHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ConnectParticipantHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ConnectParticipantHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-connectparticipant/src/extensionConfiguration.ts b/clients/client-connectparticipant/src/extensionConfiguration.ts index 93e162959d5d8..1fa5718a163f4 100644 --- a/clients/client-connectparticipant/src/extensionConfiguration.ts +++ b/clients/client-connectparticipant/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ConnectParticipantExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-connectparticipant/src/runtimeConfig.shared.ts b/clients/client-connectparticipant/src/runtimeConfig.shared.ts index 298a4e7f20b65..ef88ad3e41488 100644 --- a/clients/client-connectparticipant/src/runtimeConfig.shared.ts +++ b/clients/client-connectparticipant/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultConnectParticipantHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ConnectParticipantClientConfig } from "./ConnectParticipantClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ConnectParticipantClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultConnectParticipantHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ConnectParticipant", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-connectparticipant/src/runtimeExtensions.ts b/clients/client-connectparticipant/src/runtimeExtensions.ts index 155f50ef95deb..46a28226acd91 100644 --- a/clients/client-connectparticipant/src/runtimeExtensions.ts +++ b/clients/client-connectparticipant/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ConnectParticipantExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-controltower/package.json b/clients/client-controltower/package.json index 9e560310423a6..c4983ef03b423 100644 --- a/clients/client-controltower/package.json +++ b/clients/client-controltower/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-controltower/src/ControlTowerClient.ts b/clients/client-controltower/src/ControlTowerClient.ts index 2a6627ad4f100..255d71bab3e5f 100644 --- a/clients/client-controltower/src/ControlTowerClient.ts +++ b/clients/client-controltower/src/ControlTowerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultControlTowerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateLandingZoneCommandInput, CreateLandingZoneCommandOutput } from "./commands/CreateLandingZoneCommand"; import { DeleteLandingZoneCommandInput, DeleteLandingZoneCommandOutput } from "./commands/DeleteLandingZoneCommand"; import { DisableControlCommandInput, DisableControlCommandOutput } from "./commands/DisableControlCommand"; @@ -219,21 +224,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -272,8 +278,8 @@ export type ControlTowerClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export type ControlTowerClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -429,8 +435,8 @@ export class ControlTowerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -439,8 +445,14 @@ export class ControlTowerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -451,4 +463,13 @@ export class ControlTowerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultControlTowerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ControlTowerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-controltower/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-controltower/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b33bce860f363 --- /dev/null +++ b/clients/client-controltower/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ControlTowerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ControlTowerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ControlTowerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ControlTowerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ControlTowerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ControlTowerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-controltower/src/auth/httpAuthSchemeProvider.ts b/clients/client-controltower/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..345bb93c11273 --- /dev/null +++ b/clients/client-controltower/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ControlTowerClientConfig, ControlTowerClientResolvedConfig } from "../ControlTowerClient"; + +/** + * @internal + */ +export interface ControlTowerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ControlTowerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ControlTowerClientResolvedConfig, + HandlerExecutionContext, + ControlTowerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultControlTowerHttpAuthSchemeParametersProvider = async ( + config: ControlTowerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ControlTowerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "controltower", + region: authParameters.region, + }, + propertiesExtractor: (config: ControlTowerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ControlTowerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultControlTowerHttpAuthSchemeProvider: ControlTowerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ControlTowerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ControlTowerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-controltower/src/extensionConfiguration.ts b/clients/client-controltower/src/extensionConfiguration.ts index 3b633ee2c6d35..6c2a77f4588fe 100644 --- a/clients/client-controltower/src/extensionConfiguration.ts +++ b/clients/client-controltower/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ControlTowerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-controltower/src/runtimeConfig.shared.ts b/clients/client-controltower/src/runtimeConfig.shared.ts index 3c52525772253..4d61c2956c982 100644 --- a/clients/client-controltower/src/runtimeConfig.shared.ts +++ b/clients/client-controltower/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultControlTowerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ControlTowerClientConfig } from "./ControlTowerClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ControlTowerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultControlTowerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ControlTower", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-controltower/src/runtimeExtensions.ts b/clients/client-controltower/src/runtimeExtensions.ts index 6c64c13bd8537..6fea9ae653b74 100644 --- a/clients/client-controltower/src/runtimeExtensions.ts +++ b/clients/client-controltower/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ControlTowerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cost-and-usage-report-service/package.json b/clients/client-cost-and-usage-report-service/package.json index 53a3c58809e6a..91562e26ace40 100644 --- a/clients/client-cost-and-usage-report-service/package.json +++ b/clients/client-cost-and-usage-report-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cost-and-usage-report-service/src/CostAndUsageReportServiceClient.ts b/clients/client-cost-and-usage-report-service/src/CostAndUsageReportServiceClient.ts index a8c97caa4876a..f1843f8ab0d65 100644 --- a/clients/client-cost-and-usage-report-service/src/CostAndUsageReportServiceClient.ts +++ b/clients/client-cost-and-usage-report-service/src/CostAndUsageReportServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCostAndUsageReportServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteReportDefinitionCommandInput, DeleteReportDefinitionCommandOutput, @@ -192,21 +197,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -245,8 +251,8 @@ export type CostAndUsageReportServiceClientConfigType = Partial<__SmithyConfigur EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -265,8 +271,8 @@ export type CostAndUsageReportServiceClientResolvedConfigType = __SmithyResolved EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -314,8 +320,8 @@ export class CostAndUsageReportServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -324,8 +330,14 @@ export class CostAndUsageReportServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -336,4 +348,13 @@ export class CostAndUsageReportServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCostAndUsageReportServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CostAndUsageReportServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cost-and-usage-report-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cost-and-usage-report-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3f4d39b9dc89f --- /dev/null +++ b/clients/client-cost-and-usage-report-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CostAndUsageReportServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostAndUsageReportServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CostAndUsageReportServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CostAndUsageReportServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostAndUsageReportServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CostAndUsageReportServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cost-and-usage-report-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-cost-and-usage-report-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0aa3e98244ec0 --- /dev/null +++ b/clients/client-cost-and-usage-report-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + CostAndUsageReportServiceClientConfig, + CostAndUsageReportServiceClientResolvedConfig, +} from "../CostAndUsageReportServiceClient"; + +/** + * @internal + */ +export interface CostAndUsageReportServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CostAndUsageReportServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CostAndUsageReportServiceClientResolvedConfig, + HandlerExecutionContext, + CostAndUsageReportServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCostAndUsageReportServiceHttpAuthSchemeParametersProvider = async ( + config: CostAndUsageReportServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: CostAndUsageReportServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cur", + region: authParameters.region, + }, + propertiesExtractor: (config: CostAndUsageReportServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CostAndUsageReportServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCostAndUsageReportServiceHttpAuthSchemeProvider: CostAndUsageReportServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CostAndUsageReportServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CostAndUsageReportServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cost-and-usage-report-service/src/extensionConfiguration.ts b/clients/client-cost-and-usage-report-service/src/extensionConfiguration.ts index 82a7a19209b6c..eb98897b1bcda 100644 --- a/clients/client-cost-and-usage-report-service/src/extensionConfiguration.ts +++ b/clients/client-cost-and-usage-report-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CostAndUsageReportServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cost-and-usage-report-service/src/runtimeConfig.shared.ts b/clients/client-cost-and-usage-report-service/src/runtimeConfig.shared.ts index 95e088cddaab8..df48bb6ed7194 100644 --- a/clients/client-cost-and-usage-report-service/src/runtimeConfig.shared.ts +++ b/clients/client-cost-and-usage-report-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCostAndUsageReportServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CostAndUsageReportServiceClientConfig } from "./CostAndUsageReportServiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CostAndUsageReportServiceClientConfig) disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCostAndUsageReportServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cost and Usage Report Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cost-and-usage-report-service/src/runtimeExtensions.ts b/clients/client-cost-and-usage-report-service/src/runtimeExtensions.ts index 7e1f4d17c2eb1..e1736e8d9b691 100644 --- a/clients/client-cost-and-usage-report-service/src/runtimeExtensions.ts +++ b/clients/client-cost-and-usage-report-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CostAndUsageReportServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cost-explorer/package.json b/clients/client-cost-explorer/package.json index ad17fa42be73a..166f3bbebc801 100644 --- a/clients/client-cost-explorer/package.json +++ b/clients/client-cost-explorer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cost-explorer/src/CostExplorerClient.ts b/clients/client-cost-explorer/src/CostExplorerClient.ts index adafad06b072d..b061d3ef63182 100644 --- a/clients/client-cost-explorer/src/CostExplorerClient.ts +++ b/clients/client-cost-explorer/src/CostExplorerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCostExplorerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAnomalyMonitorCommandInput, CreateAnomalyMonitorCommandOutput, @@ -354,21 +359,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -407,8 +413,8 @@ export type CostExplorerClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export type CostExplorerClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -474,8 +480,8 @@ export class CostExplorerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -484,8 +490,14 @@ export class CostExplorerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -496,4 +508,13 @@ export class CostExplorerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCostExplorerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CostExplorerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cost-explorer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cost-explorer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e787e8548456d --- /dev/null +++ b/clients/client-cost-explorer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CostExplorerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostExplorerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CostExplorerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CostExplorerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostExplorerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CostExplorerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cost-explorer/src/auth/httpAuthSchemeProvider.ts b/clients/client-cost-explorer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bc9c186c1b6bf --- /dev/null +++ b/clients/client-cost-explorer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CostExplorerClientConfig, CostExplorerClientResolvedConfig } from "../CostExplorerClient"; + +/** + * @internal + */ +export interface CostExplorerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CostExplorerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CostExplorerClientResolvedConfig, + HandlerExecutionContext, + CostExplorerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCostExplorerHttpAuthSchemeParametersProvider = async ( + config: CostExplorerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CostExplorerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ce", + region: authParameters.region, + }, + propertiesExtractor: (config: CostExplorerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CostExplorerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCostExplorerHttpAuthSchemeProvider: CostExplorerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CostExplorerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CostExplorerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cost-explorer/src/extensionConfiguration.ts b/clients/client-cost-explorer/src/extensionConfiguration.ts index 4f58678b3d1ce..7b76d4d65c28c 100644 --- a/clients/client-cost-explorer/src/extensionConfiguration.ts +++ b/clients/client-cost-explorer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CostExplorerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cost-explorer/src/runtimeConfig.shared.ts b/clients/client-cost-explorer/src/runtimeConfig.shared.ts index 8ee3fa7ffbb0d..4b3640cc4e2e7 100644 --- a/clients/client-cost-explorer/src/runtimeConfig.shared.ts +++ b/clients/client-cost-explorer/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCostExplorerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CostExplorerClientConfig } from "./CostExplorerClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CostExplorerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCostExplorerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cost Explorer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cost-explorer/src/runtimeExtensions.ts b/clients/client-cost-explorer/src/runtimeExtensions.ts index 404d1f61da605..ae655ae399056 100644 --- a/clients/client-cost-explorer/src/runtimeExtensions.ts +++ b/clients/client-cost-explorer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CostExplorerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-cost-optimization-hub/package.json b/clients/client-cost-optimization-hub/package.json index 364c396a8b2aa..4caf88e5621b2 100644 --- a/clients/client-cost-optimization-hub/package.json +++ b/clients/client-cost-optimization-hub/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-cost-optimization-hub/src/CostOptimizationHubClient.ts b/clients/client-cost-optimization-hub/src/CostOptimizationHubClient.ts index 76314b28c4a29..f3d87589ea323 100644 --- a/clients/client-cost-optimization-hub/src/CostOptimizationHubClient.ts +++ b/clients/client-cost-optimization-hub/src/CostOptimizationHubClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCostOptimizationHubHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetPreferencesCommandInput, GetPreferencesCommandOutput } from "./commands/GetPreferencesCommand"; import { GetRecommendationCommandInput, GetRecommendationCommandOutput } from "./commands/GetRecommendationCommand"; import { @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type CostOptimizationHubClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type CostOptimizationHubClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export class CostOptimizationHubClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -311,8 +317,14 @@ export class CostOptimizationHubClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -323,4 +335,13 @@ export class CostOptimizationHubClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCostOptimizationHubHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CostOptimizationHubClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-cost-optimization-hub/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-cost-optimization-hub/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..60656b4f1ca42 --- /dev/null +++ b/clients/client-cost-optimization-hub/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CostOptimizationHubHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostOptimizationHubHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CostOptimizationHubHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CostOptimizationHubHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CostOptimizationHubHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CostOptimizationHubHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-cost-optimization-hub/src/auth/httpAuthSchemeProvider.ts b/clients/client-cost-optimization-hub/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e441e17b11bc2 --- /dev/null +++ b/clients/client-cost-optimization-hub/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CostOptimizationHubClientConfig, CostOptimizationHubClientResolvedConfig } from "../CostOptimizationHubClient"; + +/** + * @internal + */ +export interface CostOptimizationHubHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CostOptimizationHubHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CostOptimizationHubClientResolvedConfig, + HandlerExecutionContext, + CostOptimizationHubHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCostOptimizationHubHttpAuthSchemeParametersProvider = async ( + config: CostOptimizationHubClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CostOptimizationHubHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cost-optimization-hub", + region: authParameters.region, + }, + propertiesExtractor: (config: CostOptimizationHubClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CostOptimizationHubHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCostOptimizationHubHttpAuthSchemeProvider: CostOptimizationHubHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CostOptimizationHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CostOptimizationHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-cost-optimization-hub/src/extensionConfiguration.ts b/clients/client-cost-optimization-hub/src/extensionConfiguration.ts index 3f57b19fe344e..e8113a08a8460 100644 --- a/clients/client-cost-optimization-hub/src/extensionConfiguration.ts +++ b/clients/client-cost-optimization-hub/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CostOptimizationHubExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-cost-optimization-hub/src/runtimeConfig.shared.ts b/clients/client-cost-optimization-hub/src/runtimeConfig.shared.ts index a8068021f2d61..1c1c363429cb6 100644 --- a/clients/client-cost-optimization-hub/src/runtimeConfig.shared.ts +++ b/clients/client-cost-optimization-hub/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCostOptimizationHubHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CostOptimizationHubClientConfig } from "./CostOptimizationHubClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CostOptimizationHubClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCostOptimizationHubHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Cost Optimization Hub", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-cost-optimization-hub/src/runtimeExtensions.ts b/clients/client-cost-optimization-hub/src/runtimeExtensions.ts index d53f1e50fd05a..5a435bfea590e 100644 --- a/clients/client-cost-optimization-hub/src/runtimeExtensions.ts +++ b/clients/client-cost-optimization-hub/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CostOptimizationHubExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-customer-profiles/package.json b/clients/client-customer-profiles/package.json index 32195cb828e23..b7de6c03c14a6 100644 --- a/clients/client-customer-profiles/package.json +++ b/clients/client-customer-profiles/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-customer-profiles/src/CustomerProfilesClient.ts b/clients/client-customer-profiles/src/CustomerProfilesClient.ts index cfc46ee549064..409b0f79d82b7 100644 --- a/clients/client-customer-profiles/src/CustomerProfilesClient.ts +++ b/clients/client-customer-profiles/src/CustomerProfilesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultCustomerProfilesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddProfileKeyCommandInput, AddProfileKeyCommandOutput } from "./commands/AddProfileKeyCommand"; import { CreateCalculatedAttributeDefinitionCommandInput, @@ -378,21 +383,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -431,8 +437,8 @@ export type CustomerProfilesClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -451,8 +457,8 @@ export type CustomerProfilesClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -488,8 +494,8 @@ export class CustomerProfilesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -498,8 +504,14 @@ export class CustomerProfilesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -510,4 +522,13 @@ export class CustomerProfilesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultCustomerProfilesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: CustomerProfilesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-customer-profiles/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-customer-profiles/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..463d7ee5320cc --- /dev/null +++ b/clients/client-customer-profiles/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { CustomerProfilesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CustomerProfilesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): CustomerProfilesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: CustomerProfilesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: CustomerProfilesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): CustomerProfilesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-customer-profiles/src/auth/httpAuthSchemeProvider.ts b/clients/client-customer-profiles/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a3665920a63ae --- /dev/null +++ b/clients/client-customer-profiles/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { CustomerProfilesClientConfig, CustomerProfilesClientResolvedConfig } from "../CustomerProfilesClient"; + +/** + * @internal + */ +export interface CustomerProfilesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface CustomerProfilesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + CustomerProfilesClientResolvedConfig, + HandlerExecutionContext, + CustomerProfilesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultCustomerProfilesHttpAuthSchemeParametersProvider = async ( + config: CustomerProfilesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: CustomerProfilesHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "profile", + region: authParameters.region, + }, + propertiesExtractor: (config: CustomerProfilesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface CustomerProfilesHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultCustomerProfilesHttpAuthSchemeProvider: CustomerProfilesHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: CustomerProfilesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: CustomerProfilesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-customer-profiles/src/extensionConfiguration.ts b/clients/client-customer-profiles/src/extensionConfiguration.ts index 42e3b3be20638..0725c2c744eeb 100644 --- a/clients/client-customer-profiles/src/extensionConfiguration.ts +++ b/clients/client-customer-profiles/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface CustomerProfilesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-customer-profiles/src/runtimeConfig.shared.ts b/clients/client-customer-profiles/src/runtimeConfig.shared.ts index 4871952f138b3..87fc9cb0c03e1 100644 --- a/clients/client-customer-profiles/src/runtimeConfig.shared.ts +++ b/clients/client-customer-profiles/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultCustomerProfilesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { CustomerProfilesClientConfig } from "./CustomerProfilesClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: CustomerProfilesClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultCustomerProfilesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Customer Profiles", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-customer-profiles/src/runtimeExtensions.ts b/clients/client-customer-profiles/src/runtimeExtensions.ts index c30f1d30ce1b7..fcda528723d9b 100644 --- a/clients/client-customer-profiles/src/runtimeExtensions.ts +++ b/clients/client-customer-profiles/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { CustomerProfilesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-data-pipeline/package.json b/clients/client-data-pipeline/package.json index 91616a71d9b5f..34fea8535a76d 100644 --- a/clients/client-data-pipeline/package.json +++ b/clients/client-data-pipeline/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-data-pipeline/src/DataPipelineClient.ts b/clients/client-data-pipeline/src/DataPipelineClient.ts index 002c57740f051..1dbf4d516cfb4 100644 --- a/clients/client-data-pipeline/src/DataPipelineClient.ts +++ b/clients/client-data-pipeline/src/DataPipelineClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDataPipelineHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivatePipelineCommandInput, ActivatePipelineCommandOutput } from "./commands/ActivatePipelineCommand"; import { AddTagsCommandInput, AddTagsCommandOutput } from "./commands/AddTagsCommand"; import { CreatePipelineCommandInput, CreatePipelineCommandOutput } from "./commands/CreatePipelineCommand"; @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type DataPipelineClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type DataPipelineClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -346,8 +352,8 @@ export class DataPipelineClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -356,8 +362,14 @@ export class DataPipelineClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -368,4 +380,13 @@ export class DataPipelineClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDataPipelineHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DataPipelineClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-data-pipeline/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-data-pipeline/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cc6d2f0b3386f --- /dev/null +++ b/clients/client-data-pipeline/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DataPipelineHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataPipelineHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DataPipelineHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DataPipelineHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataPipelineHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DataPipelineHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-data-pipeline/src/auth/httpAuthSchemeProvider.ts b/clients/client-data-pipeline/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7cad97fd7146a --- /dev/null +++ b/clients/client-data-pipeline/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DataPipelineClientConfig, DataPipelineClientResolvedConfig } from "../DataPipelineClient"; + +/** + * @internal + */ +export interface DataPipelineHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DataPipelineHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DataPipelineClientResolvedConfig, + HandlerExecutionContext, + DataPipelineHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDataPipelineHttpAuthSchemeParametersProvider = async ( + config: DataPipelineClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DataPipelineHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "datapipeline", + region: authParameters.region, + }, + propertiesExtractor: (config: DataPipelineClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DataPipelineHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDataPipelineHttpAuthSchemeProvider: DataPipelineHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DataPipelineHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DataPipelineHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-data-pipeline/src/extensionConfiguration.ts b/clients/client-data-pipeline/src/extensionConfiguration.ts index e36ab42fa96be..535a17b8d9fd3 100644 --- a/clients/client-data-pipeline/src/extensionConfiguration.ts +++ b/clients/client-data-pipeline/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DataPipelineExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-data-pipeline/src/runtimeConfig.shared.ts b/clients/client-data-pipeline/src/runtimeConfig.shared.ts index 6db4aecd4455d..b761495b386da 100644 --- a/clients/client-data-pipeline/src/runtimeConfig.shared.ts +++ b/clients/client-data-pipeline/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDataPipelineHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DataPipelineClientConfig } from "./DataPipelineClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DataPipelineClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDataPipelineHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Data Pipeline", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-data-pipeline/src/runtimeExtensions.ts b/clients/client-data-pipeline/src/runtimeExtensions.ts index 726f950626cbe..b1bbfe548b1f1 100644 --- a/clients/client-data-pipeline/src/runtimeExtensions.ts +++ b/clients/client-data-pipeline/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DataPipelineExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-database-migration-service/package.json b/clients/client-database-migration-service/package.json index 579734d781601..067fec1a14fc6 100644 --- a/clients/client-database-migration-service/package.json +++ b/clients/client-database-migration-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-database-migration-service/src/DatabaseMigrationServiceClient.ts b/clients/client-database-migration-service/src/DatabaseMigrationServiceClient.ts index 02a0dd64c2504..24eca1c962448 100644 --- a/clients/client-database-migration-service/src/DatabaseMigrationServiceClient.ts +++ b/clients/client-database-migration-service/src/DatabaseMigrationServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDatabaseMigrationServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToResourceCommandInput, AddTagsToResourceCommandOutput } from "./commands/AddTagsToResourceCommand"; import { ApplyPendingMaintenanceActionCommandInput, @@ -738,21 +743,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -791,8 +797,8 @@ export type DatabaseMigrationServiceClientConfigType = Partial<__SmithyConfigura EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -811,8 +817,8 @@ export type DatabaseMigrationServiceClientResolvedConfigType = __SmithyResolvedC EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -853,8 +859,8 @@ export class DatabaseMigrationServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -863,8 +869,14 @@ export class DatabaseMigrationServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -875,4 +887,13 @@ export class DatabaseMigrationServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDatabaseMigrationServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DatabaseMigrationServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-database-migration-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-database-migration-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0af9717a455b2 --- /dev/null +++ b/clients/client-database-migration-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DatabaseMigrationServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DatabaseMigrationServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DatabaseMigrationServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DatabaseMigrationServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DatabaseMigrationServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DatabaseMigrationServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-database-migration-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-database-migration-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4c97522f8a55b --- /dev/null +++ b/clients/client-database-migration-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + DatabaseMigrationServiceClientConfig, + DatabaseMigrationServiceClientResolvedConfig, +} from "../DatabaseMigrationServiceClient"; + +/** + * @internal + */ +export interface DatabaseMigrationServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DatabaseMigrationServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DatabaseMigrationServiceClientResolvedConfig, + HandlerExecutionContext, + DatabaseMigrationServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDatabaseMigrationServiceHttpAuthSchemeParametersProvider = async ( + config: DatabaseMigrationServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: DatabaseMigrationServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "dms", + region: authParameters.region, + }, + propertiesExtractor: (config: DatabaseMigrationServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DatabaseMigrationServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDatabaseMigrationServiceHttpAuthSchemeProvider: DatabaseMigrationServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DatabaseMigrationServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DatabaseMigrationServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-database-migration-service/src/extensionConfiguration.ts b/clients/client-database-migration-service/src/extensionConfiguration.ts index 7b94a26f550fd..9eddcdf8dd3b2 100644 --- a/clients/client-database-migration-service/src/extensionConfiguration.ts +++ b/clients/client-database-migration-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DatabaseMigrationServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-database-migration-service/src/runtimeConfig.shared.ts b/clients/client-database-migration-service/src/runtimeConfig.shared.ts index f77b0ce2c8cca..6c76924fc124f 100644 --- a/clients/client-database-migration-service/src/runtimeConfig.shared.ts +++ b/clients/client-database-migration-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDatabaseMigrationServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DatabaseMigrationServiceClientConfig } from "./DatabaseMigrationServiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DatabaseMigrationServiceClientConfig) = disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDatabaseMigrationServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Database Migration Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-database-migration-service/src/runtimeExtensions.ts b/clients/client-database-migration-service/src/runtimeExtensions.ts index 5a9ac043c56c3..687d1476e9b35 100644 --- a/clients/client-database-migration-service/src/runtimeExtensions.ts +++ b/clients/client-database-migration-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DatabaseMigrationServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-databrew/package.json b/clients/client-databrew/package.json index 0bacd07b0d7a5..82a1cf15bf3b4 100644 --- a/clients/client-databrew/package.json +++ b/clients/client-databrew/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-databrew/src/DataBrewClient.ts b/clients/client-databrew/src/DataBrewClient.ts index a644c1f4e41c6..ec034e3bcdab9 100644 --- a/clients/client-databrew/src/DataBrewClient.ts +++ b/clients/client-databrew/src/DataBrewClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { @@ -38,6 +36,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDataBrewHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDeleteRecipeVersionCommandInput, BatchDeleteRecipeVersionCommandOutput, @@ -309,21 +314,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -362,8 +368,8 @@ export type DataBrewClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -382,8 +388,8 @@ export type DataBrewClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -417,8 +423,8 @@ export class DataBrewClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -427,9 +433,15 @@ export class DataBrewClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); this.middlewareStack.use(getOmitRetryHeadersPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -440,4 +452,13 @@ export class DataBrewClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDataBrewHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DataBrewClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-databrew/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-databrew/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1d40b37c0d0c8 --- /dev/null +++ b/clients/client-databrew/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DataBrewHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataBrewHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DataBrewHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DataBrewHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataBrewHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DataBrewHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-databrew/src/auth/httpAuthSchemeProvider.ts b/clients/client-databrew/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1b8ee39aa4c6f --- /dev/null +++ b/clients/client-databrew/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DataBrewClientConfig, DataBrewClientResolvedConfig } from "../DataBrewClient"; + +/** + * @internal + */ +export interface DataBrewHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DataBrewHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DataBrewClientResolvedConfig, + HandlerExecutionContext, + DataBrewHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDataBrewHttpAuthSchemeParametersProvider = async ( + config: DataBrewClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DataBrewHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "databrew", + region: authParameters.region, + }, + propertiesExtractor: (config: DataBrewClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DataBrewHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDataBrewHttpAuthSchemeProvider: DataBrewHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DataBrewHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DataBrewHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-databrew/src/extensionConfiguration.ts b/clients/client-databrew/src/extensionConfiguration.ts index 3edb6afca4118..2382fd9dd4a91 100644 --- a/clients/client-databrew/src/extensionConfiguration.ts +++ b/clients/client-databrew/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DataBrewExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-databrew/src/runtimeConfig.shared.ts b/clients/client-databrew/src/runtimeConfig.shared.ts index 0622ca96c471c..d560db4f7dccc 100644 --- a/clients/client-databrew/src/runtimeConfig.shared.ts +++ b/clients/client-databrew/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDataBrewHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DataBrewClientConfig } from "./DataBrewClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DataBrewClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDataBrewHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DataBrew", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-databrew/src/runtimeExtensions.ts b/clients/client-databrew/src/runtimeExtensions.ts index 444e519bf8dcf..cd14877cda42f 100644 --- a/clients/client-databrew/src/runtimeExtensions.ts +++ b/clients/client-databrew/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DataBrewExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-dataexchange/package.json b/clients/client-dataexchange/package.json index 5c64a5968969a..e642dc8be0a1f 100644 --- a/clients/client-dataexchange/package.json +++ b/clients/client-dataexchange/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-dataexchange/src/DataExchangeClient.ts b/clients/client-dataexchange/src/DataExchangeClient.ts index 66876e1e0f09d..d4d722c7f6ed0 100644 --- a/clients/client-dataexchange/src/DataExchangeClient.ts +++ b/clients/client-dataexchange/src/DataExchangeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDataExchangeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobCommandInput, CancelJobCommandOutput } from "./commands/CancelJobCommand"; import { CreateDataSetCommandInput, CreateDataSetCommandOutput } from "./commands/CreateDataSetCommand"; import { CreateEventActionCommandInput, CreateEventActionCommandOutput } from "./commands/CreateEventActionCommand"; @@ -255,21 +260,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -308,8 +314,8 @@ export type DataExchangeClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -328,8 +334,8 @@ export type DataExchangeClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -375,8 +381,8 @@ export class DataExchangeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -385,8 +391,14 @@ export class DataExchangeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -397,4 +409,13 @@ export class DataExchangeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDataExchangeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DataExchangeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-dataexchange/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-dataexchange/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f5eb1476f4909 --- /dev/null +++ b/clients/client-dataexchange/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DataExchangeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataExchangeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DataExchangeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DataExchangeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataExchangeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DataExchangeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-dataexchange/src/auth/httpAuthSchemeProvider.ts b/clients/client-dataexchange/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8e9742b341047 --- /dev/null +++ b/clients/client-dataexchange/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DataExchangeClientConfig, DataExchangeClientResolvedConfig } from "../DataExchangeClient"; + +/** + * @internal + */ +export interface DataExchangeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DataExchangeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DataExchangeClientResolvedConfig, + HandlerExecutionContext, + DataExchangeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDataExchangeHttpAuthSchemeParametersProvider = async ( + config: DataExchangeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DataExchangeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "dataexchange", + region: authParameters.region, + }, + propertiesExtractor: (config: DataExchangeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DataExchangeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDataExchangeHttpAuthSchemeProvider: DataExchangeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DataExchangeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DataExchangeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-dataexchange/src/extensionConfiguration.ts b/clients/client-dataexchange/src/extensionConfiguration.ts index 2b23a939398ba..42901b0779b1a 100644 --- a/clients/client-dataexchange/src/extensionConfiguration.ts +++ b/clients/client-dataexchange/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DataExchangeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-dataexchange/src/runtimeConfig.shared.ts b/clients/client-dataexchange/src/runtimeConfig.shared.ts index 0763aad4798dd..180ae7f71faa0 100644 --- a/clients/client-dataexchange/src/runtimeConfig.shared.ts +++ b/clients/client-dataexchange/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDataExchangeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DataExchangeClientConfig } from "./DataExchangeClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DataExchangeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDataExchangeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DataExchange", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-dataexchange/src/runtimeExtensions.ts b/clients/client-dataexchange/src/runtimeExtensions.ts index 711e0eafc921b..9f9d164a1998b 100644 --- a/clients/client-dataexchange/src/runtimeExtensions.ts +++ b/clients/client-dataexchange/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DataExchangeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-datasync/package.json b/clients/client-datasync/package.json index 535d58faef8b1..5d341da1ea2a5 100644 --- a/clients/client-datasync/package.json +++ b/clients/client-datasync/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-datasync/src/DataSyncClient.ts b/clients/client-datasync/src/DataSyncClient.ts index 8b6c1dddf66b2..f0fdbced2b214 100644 --- a/clients/client-datasync/src/DataSyncClient.ts +++ b/clients/client-datasync/src/DataSyncClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDataSyncHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddStorageSystemCommandInput, AddStorageSystemCommandOutput } from "./commands/AddStorageSystemCommand"; import { CancelTaskExecutionCommandInput, @@ -423,21 +428,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -476,8 +482,8 @@ export type DataSyncClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -496,8 +502,8 @@ export type DataSyncClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -536,8 +542,8 @@ export class DataSyncClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -546,8 +552,14 @@ export class DataSyncClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -558,4 +570,13 @@ export class DataSyncClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDataSyncHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DataSyncClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-datasync/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-datasync/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..75456bdb5ea45 --- /dev/null +++ b/clients/client-datasync/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DataSyncHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataSyncHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DataSyncHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DataSyncHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataSyncHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DataSyncHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-datasync/src/auth/httpAuthSchemeProvider.ts b/clients/client-datasync/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d7f195c17517f --- /dev/null +++ b/clients/client-datasync/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DataSyncClientConfig, DataSyncClientResolvedConfig } from "../DataSyncClient"; + +/** + * @internal + */ +export interface DataSyncHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DataSyncHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DataSyncClientResolvedConfig, + HandlerExecutionContext, + DataSyncHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDataSyncHttpAuthSchemeParametersProvider = async ( + config: DataSyncClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DataSyncHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "datasync", + region: authParameters.region, + }, + propertiesExtractor: (config: DataSyncClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DataSyncHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDataSyncHttpAuthSchemeProvider: DataSyncHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DataSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DataSyncHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-datasync/src/extensionConfiguration.ts b/clients/client-datasync/src/extensionConfiguration.ts index 099444cd611b5..e9014cc688a34 100644 --- a/clients/client-datasync/src/extensionConfiguration.ts +++ b/clients/client-datasync/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DataSyncExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-datasync/src/runtimeConfig.shared.ts b/clients/client-datasync/src/runtimeConfig.shared.ts index ad37f3ee353b0..7abd435b05f5a 100644 --- a/clients/client-datasync/src/runtimeConfig.shared.ts +++ b/clients/client-datasync/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDataSyncHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DataSyncClientConfig } from "./DataSyncClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DataSyncClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDataSyncHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DataSync", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-datasync/src/runtimeExtensions.ts b/clients/client-datasync/src/runtimeExtensions.ts index a40d65976dfae..f68884133c6b4 100644 --- a/clients/client-datasync/src/runtimeExtensions.ts +++ b/clients/client-datasync/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DataSyncExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-datazone/package.json b/clients/client-datazone/package.json index 0e0d5a8fccf30..a9854756200fb 100644 --- a/clients/client-datazone/package.json +++ b/clients/client-datazone/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-datazone/src/DataZoneClient.ts b/clients/client-datazone/src/DataZoneClient.ts index 8bbf963ec7723..451f0f2bd500b 100644 --- a/clients/client-datazone/src/DataZoneClient.ts +++ b/clients/client-datazone/src/DataZoneClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDataZoneHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptPredictionsCommandInput, AcceptPredictionsCommandOutput } from "./commands/AcceptPredictionsCommand"; import { AcceptSubscriptionRequestCommandInput, @@ -564,21 +569,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -617,8 +623,8 @@ export type DataZoneClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -637,8 +643,8 @@ export type DataZoneClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -673,8 +679,8 @@ export class DataZoneClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -683,8 +689,14 @@ export class DataZoneClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -695,4 +707,13 @@ export class DataZoneClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDataZoneHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DataZoneClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-datazone/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-datazone/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..18cc2198f1cb5 --- /dev/null +++ b/clients/client-datazone/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DataZoneHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataZoneHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DataZoneHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DataZoneHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DataZoneHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DataZoneHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-datazone/src/auth/httpAuthSchemeProvider.ts b/clients/client-datazone/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..022367c2bcca2 --- /dev/null +++ b/clients/client-datazone/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DataZoneClientConfig, DataZoneClientResolvedConfig } from "../DataZoneClient"; + +/** + * @internal + */ +export interface DataZoneHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DataZoneHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DataZoneClientResolvedConfig, + HandlerExecutionContext, + DataZoneHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDataZoneHttpAuthSchemeParametersProvider = async ( + config: DataZoneClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DataZoneHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "datazone", + region: authParameters.region, + }, + propertiesExtractor: (config: DataZoneClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DataZoneHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDataZoneHttpAuthSchemeProvider: DataZoneHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DataZoneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DataZoneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-datazone/src/extensionConfiguration.ts b/clients/client-datazone/src/extensionConfiguration.ts index f901c0f86457e..9afadc7ddfe20 100644 --- a/clients/client-datazone/src/extensionConfiguration.ts +++ b/clients/client-datazone/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DataZoneExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-datazone/src/runtimeConfig.shared.ts b/clients/client-datazone/src/runtimeConfig.shared.ts index e421ae87cf5a4..909b9ea0d3d97 100644 --- a/clients/client-datazone/src/runtimeConfig.shared.ts +++ b/clients/client-datazone/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDataZoneHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DataZoneClientConfig } from "./DataZoneClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DataZoneClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDataZoneHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DataZone", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-datazone/src/runtimeExtensions.ts b/clients/client-datazone/src/runtimeExtensions.ts index 780043a577281..899b6b3c16831 100644 --- a/clients/client-datazone/src/runtimeExtensions.ts +++ b/clients/client-datazone/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DataZoneExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-dax/package.json b/clients/client-dax/package.json index b487bf62519c5..0e99e01f0097e 100644 --- a/clients/client-dax/package.json +++ b/clients/client-dax/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-dax/src/DAXClient.ts b/clients/client-dax/src/DAXClient.ts index dad4033b6417c..524fd39c9d7f1 100644 --- a/clients/client-dax/src/DAXClient.ts +++ b/clients/client-dax/src/DAXClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDAXHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateClusterCommandInput, CreateClusterCommandOutput } from "./commands/CreateClusterCommand"; import { CreateParameterGroupCommandInput, @@ -243,21 +248,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -296,8 +302,8 @@ export type DAXClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -316,8 +322,8 @@ export type DAXClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -353,8 +359,8 @@ export class DAXClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -363,8 +369,14 @@ export class DAXClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -375,4 +387,13 @@ export class DAXClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDAXHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DAXClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-dax/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-dax/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3a637e0899aeb --- /dev/null +++ b/clients/client-dax/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DAXHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DAXHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DAXHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DAXHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DAXHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DAXHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-dax/src/auth/httpAuthSchemeProvider.ts b/clients/client-dax/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0a9381e75569c --- /dev/null +++ b/clients/client-dax/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DAXClientConfig, DAXClientResolvedConfig } from "../DAXClient"; + +/** + * @internal + */ +export interface DAXHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DAXHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DAXClientResolvedConfig, + HandlerExecutionContext, + DAXHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDAXHttpAuthSchemeParametersProvider = async ( + config: DAXClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DAXHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "dax", + region: authParameters.region, + }, + propertiesExtractor: (config: DAXClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DAXHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDAXHttpAuthSchemeProvider: DAXHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DAXHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DAXHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-dax/src/extensionConfiguration.ts b/clients/client-dax/src/extensionConfiguration.ts index ed80cf82693ee..ec4430e67ae08 100644 --- a/clients/client-dax/src/extensionConfiguration.ts +++ b/clients/client-dax/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DAXExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-dax/src/runtimeConfig.shared.ts b/clients/client-dax/src/runtimeConfig.shared.ts index 48c6343f76dcf..e851ce8327d9f 100644 --- a/clients/client-dax/src/runtimeConfig.shared.ts +++ b/clients/client-dax/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDAXHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DAXClientConfig } from "./DAXClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DAXClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDAXHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DAX", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-dax/src/runtimeExtensions.ts b/clients/client-dax/src/runtimeExtensions.ts index 90c1d7a8277e8..618f97fc212ae 100644 --- a/clients/client-dax/src/runtimeExtensions.ts +++ b/clients/client-dax/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DAXExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-detective/package.json b/clients/client-detective/package.json index 24fb7a45bfc5b..fa4456a77ed96 100644 --- a/clients/client-detective/package.json +++ b/clients/client-detective/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-detective/src/DetectiveClient.ts b/clients/client-detective/src/DetectiveClient.ts index 27ccfebf033d1..26d24856a6426 100644 --- a/clients/client-detective/src/DetectiveClient.ts +++ b/clients/client-detective/src/DetectiveClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDetectiveHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptInvitationCommandInput, AcceptInvitationCommandOutput } from "./commands/AcceptInvitationCommand"; import { BatchGetGraphMemberDatasourcesCommandInput, @@ -282,21 +287,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -335,8 +341,8 @@ export type DetectiveClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -355,8 +361,8 @@ export type DetectiveClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -462,8 +468,8 @@ export class DetectiveClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -472,8 +478,14 @@ export class DetectiveClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -484,4 +496,13 @@ export class DetectiveClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDetectiveHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DetectiveClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-detective/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-detective/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7ea7d76ce0c8f --- /dev/null +++ b/clients/client-detective/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DetectiveHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DetectiveHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DetectiveHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DetectiveHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DetectiveHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DetectiveHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-detective/src/auth/httpAuthSchemeProvider.ts b/clients/client-detective/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e40a0138b5852 --- /dev/null +++ b/clients/client-detective/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DetectiveClientConfig, DetectiveClientResolvedConfig } from "../DetectiveClient"; + +/** + * @internal + */ +export interface DetectiveHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DetectiveHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DetectiveClientResolvedConfig, + HandlerExecutionContext, + DetectiveHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDetectiveHttpAuthSchemeParametersProvider = async ( + config: DetectiveClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DetectiveHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "detective", + region: authParameters.region, + }, + propertiesExtractor: (config: DetectiveClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DetectiveHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDetectiveHttpAuthSchemeProvider: DetectiveHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DetectiveHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DetectiveHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-detective/src/extensionConfiguration.ts b/clients/client-detective/src/extensionConfiguration.ts index 817e3f508a5f6..2d7138244ee91 100644 --- a/clients/client-detective/src/extensionConfiguration.ts +++ b/clients/client-detective/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DetectiveExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-detective/src/runtimeConfig.shared.ts b/clients/client-detective/src/runtimeConfig.shared.ts index b82d47ceace7e..9fba885f43d7f 100644 --- a/clients/client-detective/src/runtimeConfig.shared.ts +++ b/clients/client-detective/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDetectiveHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DetectiveClientConfig } from "./DetectiveClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DetectiveClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDetectiveHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Detective", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-detective/src/runtimeExtensions.ts b/clients/client-detective/src/runtimeExtensions.ts index 2c295786f3772..ded4b7e2c3d0c 100644 --- a/clients/client-detective/src/runtimeExtensions.ts +++ b/clients/client-detective/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DetectiveExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-device-farm/package.json b/clients/client-device-farm/package.json index f625c1551a83d..dfc361a9f667b 100644 --- a/clients/client-device-farm/package.json +++ b/clients/client-device-farm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-device-farm/src/DeviceFarmClient.ts b/clients/client-device-farm/src/DeviceFarmClient.ts index 63492eddd5bae..17b89fd081fbb 100644 --- a/clients/client-device-farm/src/DeviceFarmClient.ts +++ b/clients/client-device-farm/src/DeviceFarmClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDeviceFarmHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDevicePoolCommandInput, CreateDevicePoolCommandOutput } from "./commands/CreateDevicePoolCommand"; import { CreateInstanceProfileCommandInput, @@ -483,21 +488,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -536,8 +542,8 @@ export type DeviceFarmClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -556,8 +562,8 @@ export type DeviceFarmClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -602,8 +608,8 @@ export class DeviceFarmClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -612,8 +618,14 @@ export class DeviceFarmClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -624,4 +636,13 @@ export class DeviceFarmClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDeviceFarmHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DeviceFarmClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-device-farm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-device-farm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5cc2b868a2ac5 --- /dev/null +++ b/clients/client-device-farm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DeviceFarmHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DeviceFarmHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DeviceFarmHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DeviceFarmHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DeviceFarmHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DeviceFarmHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-device-farm/src/auth/httpAuthSchemeProvider.ts b/clients/client-device-farm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3714c39ff58c8 --- /dev/null +++ b/clients/client-device-farm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DeviceFarmClientConfig, DeviceFarmClientResolvedConfig } from "../DeviceFarmClient"; + +/** + * @internal + */ +export interface DeviceFarmHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DeviceFarmHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DeviceFarmClientResolvedConfig, + HandlerExecutionContext, + DeviceFarmHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDeviceFarmHttpAuthSchemeParametersProvider = async ( + config: DeviceFarmClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DeviceFarmHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "devicefarm", + region: authParameters.region, + }, + propertiesExtractor: (config: DeviceFarmClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DeviceFarmHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDeviceFarmHttpAuthSchemeProvider: DeviceFarmHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DeviceFarmHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DeviceFarmHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-device-farm/src/extensionConfiguration.ts b/clients/client-device-farm/src/extensionConfiguration.ts index 1d0518ed131f8..021a5ffa5feea 100644 --- a/clients/client-device-farm/src/extensionConfiguration.ts +++ b/clients/client-device-farm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DeviceFarmExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-device-farm/src/runtimeConfig.shared.ts b/clients/client-device-farm/src/runtimeConfig.shared.ts index 6756d6407b76a..e45cb3100a995 100644 --- a/clients/client-device-farm/src/runtimeConfig.shared.ts +++ b/clients/client-device-farm/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDeviceFarmHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DeviceFarmClientConfig } from "./DeviceFarmClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DeviceFarmClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDeviceFarmHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Device Farm", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-device-farm/src/runtimeExtensions.ts b/clients/client-device-farm/src/runtimeExtensions.ts index 610dce40a179f..8f2840684dc3e 100644 --- a/clients/client-device-farm/src/runtimeExtensions.ts +++ b/clients/client-device-farm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DeviceFarmExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-devops-guru/package.json b/clients/client-devops-guru/package.json index b79758e8d6a98..84831d29ea801 100644 --- a/clients/client-devops-guru/package.json +++ b/clients/client-devops-guru/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-devops-guru/src/DevOpsGuruClient.ts b/clients/client-devops-guru/src/DevOpsGuruClient.ts index f56757bfe84d3..bd61df5cd7714 100644 --- a/clients/client-devops-guru/src/DevOpsGuruClient.ts +++ b/clients/client-devops-guru/src/DevOpsGuruClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDevOpsGuruHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddNotificationChannelCommandInput, AddNotificationChannelCommandOutput, @@ -315,21 +320,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -368,8 +374,8 @@ export type DevOpsGuruClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -388,8 +394,8 @@ export type DevOpsGuruClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -431,8 +437,8 @@ export class DevOpsGuruClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -441,8 +447,14 @@ export class DevOpsGuruClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -453,4 +465,13 @@ export class DevOpsGuruClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDevOpsGuruHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DevOpsGuruClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-devops-guru/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-devops-guru/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2c5199bf85324 --- /dev/null +++ b/clients/client-devops-guru/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DevOpsGuruHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DevOpsGuruHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DevOpsGuruHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DevOpsGuruHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DevOpsGuruHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DevOpsGuruHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-devops-guru/src/auth/httpAuthSchemeProvider.ts b/clients/client-devops-guru/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7961ccca669a2 --- /dev/null +++ b/clients/client-devops-guru/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DevOpsGuruClientConfig, DevOpsGuruClientResolvedConfig } from "../DevOpsGuruClient"; + +/** + * @internal + */ +export interface DevOpsGuruHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DevOpsGuruHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DevOpsGuruClientResolvedConfig, + HandlerExecutionContext, + DevOpsGuruHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDevOpsGuruHttpAuthSchemeParametersProvider = async ( + config: DevOpsGuruClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DevOpsGuruHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "devops-guru", + region: authParameters.region, + }, + propertiesExtractor: (config: DevOpsGuruClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DevOpsGuruHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDevOpsGuruHttpAuthSchemeProvider: DevOpsGuruHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DevOpsGuruHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DevOpsGuruHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-devops-guru/src/extensionConfiguration.ts b/clients/client-devops-guru/src/extensionConfiguration.ts index 2203646463eaf..d6143c191e086 100644 --- a/clients/client-devops-guru/src/extensionConfiguration.ts +++ b/clients/client-devops-guru/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DevOpsGuruExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-devops-guru/src/runtimeConfig.shared.ts b/clients/client-devops-guru/src/runtimeConfig.shared.ts index 68a11cfb8bcf8..03e533789f8ac 100644 --- a/clients/client-devops-guru/src/runtimeConfig.shared.ts +++ b/clients/client-devops-guru/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDevOpsGuruHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DevOpsGuruClientConfig } from "./DevOpsGuruClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DevOpsGuruClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDevOpsGuruHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DevOps Guru", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-devops-guru/src/runtimeExtensions.ts b/clients/client-devops-guru/src/runtimeExtensions.ts index be3a67b9b6e9e..77e71736df030 100644 --- a/clients/client-devops-guru/src/runtimeExtensions.ts +++ b/clients/client-devops-guru/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DevOpsGuruExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-direct-connect/package.json b/clients/client-direct-connect/package.json index dff7b346e499b..b2006c5eb5187 100644 --- a/clients/client-direct-connect/package.json +++ b/clients/client-direct-connect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-direct-connect/src/DirectConnectClient.ts b/clients/client-direct-connect/src/DirectConnectClient.ts index 50e3e5c6e05bb..3053f100f76f3 100644 --- a/clients/client-direct-connect/src/DirectConnectClient.ts +++ b/clients/client-direct-connect/src/DirectConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDirectConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptDirectConnectGatewayAssociationProposalCommandInput, AcceptDirectConnectGatewayAssociationProposalCommandOutput, @@ -480,21 +485,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -533,8 +539,8 @@ export type DirectConnectClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -553,8 +559,8 @@ export type DirectConnectClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -590,8 +596,8 @@ export class DirectConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -600,8 +606,14 @@ export class DirectConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -612,4 +624,13 @@ export class DirectConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDirectConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DirectConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-direct-connect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-direct-connect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e138fd3df52e3 --- /dev/null +++ b/clients/client-direct-connect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DirectConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DirectConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DirectConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DirectConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-direct-connect/src/auth/httpAuthSchemeProvider.ts b/clients/client-direct-connect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0f4575bffc766 --- /dev/null +++ b/clients/client-direct-connect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DirectConnectClientConfig, DirectConnectClientResolvedConfig } from "../DirectConnectClient"; + +/** + * @internal + */ +export interface DirectConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DirectConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DirectConnectClientResolvedConfig, + HandlerExecutionContext, + DirectConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDirectConnectHttpAuthSchemeParametersProvider = async ( + config: DirectConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DirectConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "directconnect", + region: authParameters.region, + }, + propertiesExtractor: (config: DirectConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DirectConnectHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDirectConnectHttpAuthSchemeProvider: DirectConnectHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DirectConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DirectConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-direct-connect/src/extensionConfiguration.ts b/clients/client-direct-connect/src/extensionConfiguration.ts index d05b64ffa5b05..6c705920cbcc6 100644 --- a/clients/client-direct-connect/src/extensionConfiguration.ts +++ b/clients/client-direct-connect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DirectConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-direct-connect/src/runtimeConfig.shared.ts b/clients/client-direct-connect/src/runtimeConfig.shared.ts index ea59ca88ac1e4..89395cf89cdbf 100644 --- a/clients/client-direct-connect/src/runtimeConfig.shared.ts +++ b/clients/client-direct-connect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDirectConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DirectConnectClientConfig } from "./DirectConnectClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DirectConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDirectConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Direct Connect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-direct-connect/src/runtimeExtensions.ts b/clients/client-direct-connect/src/runtimeExtensions.ts index 431b3a8ce5a1a..3817e64b54413 100644 --- a/clients/client-direct-connect/src/runtimeExtensions.ts +++ b/clients/client-direct-connect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DirectConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-directory-service/package.json b/clients/client-directory-service/package.json index e6bb0208bed49..054ef1c62d4e3 100644 --- a/clients/client-directory-service/package.json +++ b/clients/client-directory-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-directory-service/src/DirectoryServiceClient.ts b/clients/client-directory-service/src/DirectoryServiceClient.ts index 5674faf5628c9..a14f4bc257d88 100644 --- a/clients/client-directory-service/src/DirectoryServiceClient.ts +++ b/clients/client-directory-service/src/DirectoryServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDirectoryServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptSharedDirectoryCommandInput, AcceptSharedDirectoryCommandOutput, @@ -447,21 +452,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -500,8 +506,8 @@ export type DirectoryServiceClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -520,8 +526,8 @@ export type DirectoryServiceClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -565,8 +571,8 @@ export class DirectoryServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -575,8 +581,14 @@ export class DirectoryServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -587,4 +599,13 @@ export class DirectoryServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDirectoryServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DirectoryServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-directory-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-directory-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..829939c96c9b5 --- /dev/null +++ b/clients/client-directory-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DirectoryServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectoryServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DirectoryServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DirectoryServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DirectoryServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DirectoryServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-directory-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-directory-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c9ece8eb5df24 --- /dev/null +++ b/clients/client-directory-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DirectoryServiceClientConfig, DirectoryServiceClientResolvedConfig } from "../DirectoryServiceClient"; + +/** + * @internal + */ +export interface DirectoryServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DirectoryServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DirectoryServiceClientResolvedConfig, + HandlerExecutionContext, + DirectoryServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDirectoryServiceHttpAuthSchemeParametersProvider = async ( + config: DirectoryServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DirectoryServiceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ds", + region: authParameters.region, + }, + propertiesExtractor: (config: DirectoryServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DirectoryServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDirectoryServiceHttpAuthSchemeProvider: DirectoryServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DirectoryServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DirectoryServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-directory-service/src/extensionConfiguration.ts b/clients/client-directory-service/src/extensionConfiguration.ts index 69aa55985937b..b1e3e5962e2a4 100644 --- a/clients/client-directory-service/src/extensionConfiguration.ts +++ b/clients/client-directory-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DirectoryServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-directory-service/src/runtimeConfig.shared.ts b/clients/client-directory-service/src/runtimeConfig.shared.ts index a260832e4116e..05716c94d3d41 100644 --- a/clients/client-directory-service/src/runtimeConfig.shared.ts +++ b/clients/client-directory-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDirectoryServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DirectoryServiceClientConfig } from "./DirectoryServiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DirectoryServiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDirectoryServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Directory Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-directory-service/src/runtimeExtensions.ts b/clients/client-directory-service/src/runtimeExtensions.ts index dc846091f157c..f85e7fbb5eecf 100644 --- a/clients/client-directory-service/src/runtimeExtensions.ts +++ b/clients/client-directory-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DirectoryServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-dlm/package.json b/clients/client-dlm/package.json index 85d0c81d985e4..ac5dd347052cc 100644 --- a/clients/client-dlm/package.json +++ b/clients/client-dlm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-dlm/src/DLMClient.ts b/clients/client-dlm/src/DLMClient.ts index c832148feadc1..d253b9dc9c473 100644 --- a/clients/client-dlm/src/DLMClient.ts +++ b/clients/client-dlm/src/DLMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDLMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateLifecyclePolicyCommandInput, CreateLifecyclePolicyCommandOutput, @@ -195,21 +200,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -248,8 +254,8 @@ export type DLMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -268,8 +274,8 @@ export type DLMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -306,8 +312,8 @@ export class DLMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -316,8 +322,14 @@ export class DLMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -328,4 +340,13 @@ export class DLMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDLMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DLMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-dlm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-dlm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..894c76854b53a --- /dev/null +++ b/clients/client-dlm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DLMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DLMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DLMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DLMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DLMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DLMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-dlm/src/auth/httpAuthSchemeProvider.ts b/clients/client-dlm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..474e48d06dca9 --- /dev/null +++ b/clients/client-dlm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DLMClientConfig, DLMClientResolvedConfig } from "../DLMClient"; + +/** + * @internal + */ +export interface DLMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DLMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DLMClientResolvedConfig, + HandlerExecutionContext, + DLMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDLMHttpAuthSchemeParametersProvider = async ( + config: DLMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DLMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "dlm", + region: authParameters.region, + }, + propertiesExtractor: (config: DLMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DLMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDLMHttpAuthSchemeProvider: DLMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DLMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DLMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-dlm/src/extensionConfiguration.ts b/clients/client-dlm/src/extensionConfiguration.ts index 96b907c3f85e6..4cc38671c6e9b 100644 --- a/clients/client-dlm/src/extensionConfiguration.ts +++ b/clients/client-dlm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DLMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-dlm/src/runtimeConfig.shared.ts b/clients/client-dlm/src/runtimeConfig.shared.ts index b8e797d38c23b..1148685ec4d20 100644 --- a/clients/client-dlm/src/runtimeConfig.shared.ts +++ b/clients/client-dlm/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDLMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DLMClientConfig } from "./DLMClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DLMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDLMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DLM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-dlm/src/runtimeExtensions.ts b/clients/client-dlm/src/runtimeExtensions.ts index 4fa65130f920a..d8d898f720b84 100644 --- a/clients/client-dlm/src/runtimeExtensions.ts +++ b/clients/client-dlm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DLMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-docdb-elastic/package.json b/clients/client-docdb-elastic/package.json index c6714bc4e56c0..63d48ff3aac46 100644 --- a/clients/client-docdb-elastic/package.json +++ b/clients/client-docdb-elastic/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-docdb-elastic/src/DocDBElasticClient.ts b/clients/client-docdb-elastic/src/DocDBElasticClient.ts index 7d2d56c7e8a22..bf9a24dafd33f 100644 --- a/clients/client-docdb-elastic/src/DocDBElasticClient.ts +++ b/clients/client-docdb-elastic/src/DocDBElasticClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDocDBElasticHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateClusterCommandInput, CreateClusterCommandOutput } from "./commands/CreateClusterCommand"; import { CreateClusterSnapshotCommandInput, @@ -210,21 +215,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -263,8 +269,8 @@ export type DocDBElasticClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -283,8 +289,8 @@ export type DocDBElasticClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -315,8 +321,8 @@ export class DocDBElasticClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -325,8 +331,14 @@ export class DocDBElasticClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -337,4 +349,13 @@ export class DocDBElasticClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDocDBElasticHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DocDBElasticClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-docdb-elastic/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-docdb-elastic/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..57a7cd28c6d9e --- /dev/null +++ b/clients/client-docdb-elastic/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DocDBElasticHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DocDBElasticHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DocDBElasticHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DocDBElasticHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DocDBElasticHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DocDBElasticHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-docdb-elastic/src/auth/httpAuthSchemeProvider.ts b/clients/client-docdb-elastic/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6b45935baea5d --- /dev/null +++ b/clients/client-docdb-elastic/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DocDBElasticClientConfig, DocDBElasticClientResolvedConfig } from "../DocDBElasticClient"; + +/** + * @internal + */ +export interface DocDBElasticHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DocDBElasticHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DocDBElasticClientResolvedConfig, + HandlerExecutionContext, + DocDBElasticHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDocDBElasticHttpAuthSchemeParametersProvider = async ( + config: DocDBElasticClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DocDBElasticHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "docdb-elastic", + region: authParameters.region, + }, + propertiesExtractor: (config: DocDBElasticClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DocDBElasticHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDocDBElasticHttpAuthSchemeProvider: DocDBElasticHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DocDBElasticHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DocDBElasticHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-docdb-elastic/src/extensionConfiguration.ts b/clients/client-docdb-elastic/src/extensionConfiguration.ts index b6c2875b5c7c6..5ef54b8f6be25 100644 --- a/clients/client-docdb-elastic/src/extensionConfiguration.ts +++ b/clients/client-docdb-elastic/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DocDBElasticExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-docdb-elastic/src/runtimeConfig.shared.ts b/clients/client-docdb-elastic/src/runtimeConfig.shared.ts index ed7cc4ce79882..4ab712a6466fc 100644 --- a/clients/client-docdb-elastic/src/runtimeConfig.shared.ts +++ b/clients/client-docdb-elastic/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDocDBElasticHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DocDBElasticClientConfig } from "./DocDBElasticClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DocDBElasticClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDocDBElasticHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DocDB Elastic", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-docdb-elastic/src/runtimeExtensions.ts b/clients/client-docdb-elastic/src/runtimeExtensions.ts index 6b1f3bcdab6d5..ad0d20d30ac94 100644 --- a/clients/client-docdb-elastic/src/runtimeExtensions.ts +++ b/clients/client-docdb-elastic/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DocDBElasticExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-docdb/package.json b/clients/client-docdb/package.json index d79307f03ebe6..99f40c873587f 100644 --- a/clients/client-docdb/package.json +++ b/clients/client-docdb/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", "@aws-sdk/middleware-sdk-rds": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-docdb/src/DocDBClient.ts b/clients/client-docdb/src/DocDBClient.ts index 04e27a877c1ee..6a67137ad44d3 100644 --- a/clients/client-docdb/src/DocDBClient.ts +++ b/clients/client-docdb/src/DocDBClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDocDBHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddSourceIdentifierToSubscriptionCommandInput, AddSourceIdentifierToSubscriptionCommandOutput, @@ -435,21 +440,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -488,8 +494,8 @@ export type DocDBClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -508,8 +514,8 @@ export type DocDBClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -542,8 +548,8 @@ export class DocDBClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -552,8 +558,14 @@ export class DocDBClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -564,4 +576,13 @@ export class DocDBClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDocDBHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DocDBClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-docdb/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-docdb/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5ec6c5dcc5bc6 --- /dev/null +++ b/clients/client-docdb/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DocDBHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DocDBHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DocDBHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DocDBHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DocDBHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DocDBHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-docdb/src/auth/httpAuthSchemeProvider.ts b/clients/client-docdb/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2a240b3556e5c --- /dev/null +++ b/clients/client-docdb/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DocDBClientConfig, DocDBClientResolvedConfig } from "../DocDBClient"; + +/** + * @internal + */ +export interface DocDBHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DocDBHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DocDBClientResolvedConfig, + HandlerExecutionContext, + DocDBHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDocDBHttpAuthSchemeParametersProvider = async ( + config: DocDBClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DocDBHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rds", + region: authParameters.region, + }, + propertiesExtractor: (config: DocDBClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DocDBHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDocDBHttpAuthSchemeProvider: DocDBHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DocDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DocDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-docdb/src/extensionConfiguration.ts b/clients/client-docdb/src/extensionConfiguration.ts index 80e8a4a924d04..0c223e45bc405 100644 --- a/clients/client-docdb/src/extensionConfiguration.ts +++ b/clients/client-docdb/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DocDBExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-docdb/src/runtimeConfig.shared.ts b/clients/client-docdb/src/runtimeConfig.shared.ts index 29a29d4605ab6..d8d576eba7336 100644 --- a/clients/client-docdb/src/runtimeConfig.shared.ts +++ b/clients/client-docdb/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDocDBHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DocDBClientConfig } from "./DocDBClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DocDBClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDocDBHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DocDB", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-docdb/src/runtimeExtensions.ts b/clients/client-docdb/src/runtimeExtensions.ts index aac5495b74a92..b12c0c0f03caa 100644 --- a/clients/client-docdb/src/runtimeExtensions.ts +++ b/clients/client-docdb/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DocDBExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-drs/package.json b/clients/client-drs/package.json index 012546bc65a1f..1cf32976b94ad 100644 --- a/clients/client-drs/package.json +++ b/clients/client-drs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-drs/src/DrsClient.ts b/clients/client-drs/src/DrsClient.ts index 8d0c227cbdd05..510b762a556ad 100644 --- a/clients/client-drs/src/DrsClient.ts +++ b/clients/client-drs/src/DrsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDrsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateSourceNetworkStackCommandInput, AssociateSourceNetworkStackCommandOutput, @@ -414,21 +419,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -467,8 +473,8 @@ export type DrsClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -487,8 +493,8 @@ export type DrsClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -519,8 +525,8 @@ export class DrsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -529,8 +535,14 @@ export class DrsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -541,4 +553,13 @@ export class DrsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDrsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DrsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-drs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-drs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..972f6f8aeeda3 --- /dev/null +++ b/clients/client-drs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DrsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DrsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DrsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DrsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DrsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DrsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-drs/src/auth/httpAuthSchemeProvider.ts b/clients/client-drs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1ffa815761d49 --- /dev/null +++ b/clients/client-drs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DrsClientConfig, DrsClientResolvedConfig } from "../DrsClient"; + +/** + * @internal + */ +export interface DrsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DrsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DrsClientResolvedConfig, + HandlerExecutionContext, + DrsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDrsHttpAuthSchemeParametersProvider = async ( + config: DrsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DrsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "drs", + region: authParameters.region, + }, + propertiesExtractor: (config: DrsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DrsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDrsHttpAuthSchemeProvider: DrsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DrsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DrsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-drs/src/extensionConfiguration.ts b/clients/client-drs/src/extensionConfiguration.ts index 43843d8104eea..0b56f05d73cb7 100644 --- a/clients/client-drs/src/extensionConfiguration.ts +++ b/clients/client-drs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DrsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-drs/src/runtimeConfig.shared.ts b/clients/client-drs/src/runtimeConfig.shared.ts index d2a25d2b3ddfa..309490bd717d5 100644 --- a/clients/client-drs/src/runtimeConfig.shared.ts +++ b/clients/client-drs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDrsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DrsClientConfig } from "./DrsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DrsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDrsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "drs", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-drs/src/runtimeExtensions.ts b/clients/client-drs/src/runtimeExtensions.ts index d26b9a81b9387..b0b7a3e861c17 100644 --- a/clients/client-drs/src/runtimeExtensions.ts +++ b/clients/client-drs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DrsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-dynamodb-streams/package.json b/clients/client-dynamodb-streams/package.json index 0bba129bacd1c..3f1f6b77a9ab2 100644 --- a/clients/client-dynamodb-streams/package.json +++ b/clients/client-dynamodb-streams/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-dynamodb-streams/src/DynamoDBStreamsClient.ts b/clients/client-dynamodb-streams/src/DynamoDBStreamsClient.ts index 2b7fc0feda886..83ede23f2858c 100644 --- a/clients/client-dynamodb-streams/src/DynamoDBStreamsClient.ts +++ b/clients/client-dynamodb-streams/src/DynamoDBStreamsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultDynamoDBStreamsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeStreamCommandInput, DescribeStreamCommandOutput } from "./commands/DescribeStreamCommand"; import { GetRecordsCommandInput, GetRecordsCommandOutput } from "./commands/GetRecordsCommand"; import { GetShardIteratorCommandInput, GetShardIteratorCommandOutput } from "./commands/GetShardIteratorCommand"; @@ -168,21 +173,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -221,8 +227,8 @@ export type DynamoDBStreamsClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -241,8 +247,8 @@ export type DynamoDBStreamsClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export class DynamoDBStreamsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -287,8 +293,14 @@ export class DynamoDBStreamsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -299,4 +311,13 @@ export class DynamoDBStreamsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultDynamoDBStreamsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: DynamoDBStreamsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-dynamodb-streams/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-dynamodb-streams/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7924652b052a4 --- /dev/null +++ b/clients/client-dynamodb-streams/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { DynamoDBStreamsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DynamoDBStreamsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): DynamoDBStreamsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: DynamoDBStreamsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: DynamoDBStreamsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): DynamoDBStreamsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-dynamodb-streams/src/auth/httpAuthSchemeProvider.ts b/clients/client-dynamodb-streams/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..316c355f95948 --- /dev/null +++ b/clients/client-dynamodb-streams/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { DynamoDBStreamsClientConfig, DynamoDBStreamsClientResolvedConfig } from "../DynamoDBStreamsClient"; + +/** + * @internal + */ +export interface DynamoDBStreamsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface DynamoDBStreamsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + DynamoDBStreamsClientResolvedConfig, + HandlerExecutionContext, + DynamoDBStreamsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultDynamoDBStreamsHttpAuthSchemeParametersProvider = async ( + config: DynamoDBStreamsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: DynamoDBStreamsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "dynamodb", + region: authParameters.region, + }, + propertiesExtractor: (config: DynamoDBStreamsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface DynamoDBStreamsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultDynamoDBStreamsHttpAuthSchemeProvider: DynamoDBStreamsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: DynamoDBStreamsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: DynamoDBStreamsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-dynamodb-streams/src/extensionConfiguration.ts b/clients/client-dynamodb-streams/src/extensionConfiguration.ts index 913fe89a7ff7b..fef589dc68a0d 100644 --- a/clients/client-dynamodb-streams/src/extensionConfiguration.ts +++ b/clients/client-dynamodb-streams/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface DynamoDBStreamsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-dynamodb-streams/src/runtimeConfig.shared.ts b/clients/client-dynamodb-streams/src/runtimeConfig.shared.ts index 1580e58ac1928..3b3d74bce353b 100644 --- a/clients/client-dynamodb-streams/src/runtimeConfig.shared.ts +++ b/clients/client-dynamodb-streams/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultDynamoDBStreamsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { DynamoDBStreamsClientConfig } from "./DynamoDBStreamsClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: DynamoDBStreamsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultDynamoDBStreamsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "DynamoDB Streams", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-dynamodb-streams/src/runtimeExtensions.ts b/clients/client-dynamodb-streams/src/runtimeExtensions.ts index 093bec76dff25..34652f320929d 100644 --- a/clients/client-dynamodb-streams/src/runtimeExtensions.ts +++ b/clients/client-dynamodb-streams/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { DynamoDBStreamsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-dynamodb/package.json b/clients/client-dynamodb/package.json index 331108d37d5f6..f9c929cfb61fd 100644 --- a/clients/client-dynamodb/package.json +++ b/clients/client-dynamodb/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-ebs/package.json b/clients/client-ebs/package.json index 475ff5befd04c..1099f5e384a62 100644 --- a/clients/client-ebs/package.json +++ b/clients/client-ebs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-ebs/src/EBSClient.ts b/clients/client-ebs/src/EBSClient.ts index 0d648a9b2453e..ef7ff71b594cc 100644 --- a/clients/client-ebs/src/EBSClient.ts +++ b/clients/client-ebs/src/EBSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEBSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CompleteSnapshotCommandInput, CompleteSnapshotCommandOutput } from "./commands/CompleteSnapshotCommand"; import { GetSnapshotBlockCommandInput, GetSnapshotBlockCommandOutput } from "./commands/GetSnapshotBlockCommand"; import { ListChangedBlocksCommandInput, ListChangedBlocksCommandOutput } from "./commands/ListChangedBlocksCommand"; @@ -175,21 +180,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -234,8 +240,8 @@ export type EBSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -254,8 +260,8 @@ export type EBSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -302,8 +308,8 @@ export class EBSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -312,8 +318,14 @@ export class EBSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -324,4 +336,13 @@ export class EBSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEBSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EBSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ebs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ebs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..50b0e741cb087 --- /dev/null +++ b/clients/client-ebs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EBSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EBSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EBSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EBSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EBSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EBSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ebs/src/auth/httpAuthSchemeProvider.ts b/clients/client-ebs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a75d9953cebda --- /dev/null +++ b/clients/client-ebs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EBSClientConfig, EBSClientResolvedConfig } from "../EBSClient"; + +/** + * @internal + */ +export interface EBSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EBSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EBSClientResolvedConfig, + HandlerExecutionContext, + EBSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEBSHttpAuthSchemeParametersProvider = async ( + config: EBSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EBSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ebs", + region: authParameters.region, + }, + propertiesExtractor: (config: EBSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EBSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEBSHttpAuthSchemeProvider: EBSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EBSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EBSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ebs/src/extensionConfiguration.ts b/clients/client-ebs/src/extensionConfiguration.ts index d506102f063f5..c4bb7f3668f92 100644 --- a/clients/client-ebs/src/extensionConfiguration.ts +++ b/clients/client-ebs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EBSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ebs/src/runtimeConfig.shared.ts b/clients/client-ebs/src/runtimeConfig.shared.ts index 0b10b5672f8b0..e83845a92f438 100644 --- a/clients/client-ebs/src/runtimeConfig.shared.ts +++ b/clients/client-ebs/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEBSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EBSClientConfig } from "./EBSClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: EBSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEBSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "EBS", diff --git a/clients/client-ebs/src/runtimeExtensions.ts b/clients/client-ebs/src/runtimeExtensions.ts index 4d749e0f75c39..557356bc96f05 100644 --- a/clients/client-ebs/src/runtimeExtensions.ts +++ b/clients/client-ebs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EBSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ec2-instance-connect/package.json b/clients/client-ec2-instance-connect/package.json index 6a5771c71d0a5..a4f7ca925f5e0 100644 --- a/clients/client-ec2-instance-connect/package.json +++ b/clients/client-ec2-instance-connect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ec2-instance-connect/src/EC2InstanceConnectClient.ts b/clients/client-ec2-instance-connect/src/EC2InstanceConnectClient.ts index 499f87bbc12f3..cd171e1882aa0 100644 --- a/clients/client-ec2-instance-connect/src/EC2InstanceConnectClient.ts +++ b/clients/client-ec2-instance-connect/src/EC2InstanceConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEC2InstanceConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { SendSerialConsoleSSHPublicKeyCommandInput, SendSerialConsoleSSHPublicKeyCommandOutput, @@ -161,21 +166,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -214,8 +220,8 @@ export type EC2InstanceConnectClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -234,8 +240,8 @@ export type EC2InstanceConnectClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -268,8 +274,8 @@ export class EC2InstanceConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -278,8 +284,14 @@ export class EC2InstanceConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -290,4 +302,13 @@ export class EC2InstanceConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEC2InstanceConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EC2InstanceConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ec2-instance-connect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ec2-instance-connect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..466bc9ba99c3e --- /dev/null +++ b/clients/client-ec2-instance-connect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EC2InstanceConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EC2InstanceConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EC2InstanceConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EC2InstanceConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EC2InstanceConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EC2InstanceConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ec2-instance-connect/src/auth/httpAuthSchemeProvider.ts b/clients/client-ec2-instance-connect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f624ef3c8325a --- /dev/null +++ b/clients/client-ec2-instance-connect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EC2InstanceConnectClientConfig, EC2InstanceConnectClientResolvedConfig } from "../EC2InstanceConnectClient"; + +/** + * @internal + */ +export interface EC2InstanceConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EC2InstanceConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EC2InstanceConnectClientResolvedConfig, + HandlerExecutionContext, + EC2InstanceConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEC2InstanceConnectHttpAuthSchemeParametersProvider = async ( + config: EC2InstanceConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EC2InstanceConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ec2-instance-connect", + region: authParameters.region, + }, + propertiesExtractor: (config: EC2InstanceConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EC2InstanceConnectHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEC2InstanceConnectHttpAuthSchemeProvider: EC2InstanceConnectHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EC2InstanceConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EC2InstanceConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ec2-instance-connect/src/extensionConfiguration.ts b/clients/client-ec2-instance-connect/src/extensionConfiguration.ts index d1ba55529935e..e965b1277a471 100644 --- a/clients/client-ec2-instance-connect/src/extensionConfiguration.ts +++ b/clients/client-ec2-instance-connect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EC2InstanceConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ec2-instance-connect/src/runtimeConfig.shared.ts b/clients/client-ec2-instance-connect/src/runtimeConfig.shared.ts index 1adefeac8029b..e6aa045478bc3 100644 --- a/clients/client-ec2-instance-connect/src/runtimeConfig.shared.ts +++ b/clients/client-ec2-instance-connect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEC2InstanceConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EC2InstanceConnectClientConfig } from "./EC2InstanceConnectClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EC2InstanceConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEC2InstanceConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EC2 Instance Connect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ec2-instance-connect/src/runtimeExtensions.ts b/clients/client-ec2-instance-connect/src/runtimeExtensions.ts index 4e126fe7eaa6a..af2c770031fbe 100644 --- a/clients/client-ec2-instance-connect/src/runtimeExtensions.ts +++ b/clients/client-ec2-instance-connect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EC2InstanceConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ec2/package.json b/clients/client-ec2/package.json index 12d52be42dd51..30cb8e844b4d6 100644 --- a/clients/client-ec2/package.json +++ b/clients/client-ec2/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-ecr-public/package.json b/clients/client-ecr-public/package.json index 912241af27ab8..001a8b5d1a781 100644 --- a/clients/client-ecr-public/package.json +++ b/clients/client-ecr-public/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ecr-public/src/ECRPUBLICClient.ts b/clients/client-ecr-public/src/ECRPUBLICClient.ts index d9ecb4d0c028f..2c9ce9aa1bbac 100644 --- a/clients/client-ecr-public/src/ECRPUBLICClient.ts +++ b/clients/client-ecr-public/src/ECRPUBLICClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultECRPUBLICHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCheckLayerAvailabilityCommandInput, BatchCheckLayerAvailabilityCommandOutput, @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type ECRPUBLICClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type ECRPUBLICClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -375,8 +381,8 @@ export class ECRPUBLICClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -385,8 +391,14 @@ export class ECRPUBLICClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -397,4 +409,13 @@ export class ECRPUBLICClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultECRPUBLICHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ECRPUBLICClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ecr-public/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ecr-public/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2892be7f22c24 --- /dev/null +++ b/clients/client-ecr-public/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ECRPUBLICHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECRPUBLICHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ECRPUBLICHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ECRPUBLICHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECRPUBLICHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ECRPUBLICHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ecr-public/src/auth/httpAuthSchemeProvider.ts b/clients/client-ecr-public/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bf0d2d0d96474 --- /dev/null +++ b/clients/client-ecr-public/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ECRPUBLICClientConfig, ECRPUBLICClientResolvedConfig } from "../ECRPUBLICClient"; + +/** + * @internal + */ +export interface ECRPUBLICHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ECRPUBLICHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ECRPUBLICClientResolvedConfig, + HandlerExecutionContext, + ECRPUBLICHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultECRPUBLICHttpAuthSchemeParametersProvider = async ( + config: ECRPUBLICClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ECRPUBLICHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ecr-public", + region: authParameters.region, + }, + propertiesExtractor: (config: ECRPUBLICClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ECRPUBLICHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultECRPUBLICHttpAuthSchemeProvider: ECRPUBLICHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ECRPUBLICHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ECRPUBLICHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ecr-public/src/extensionConfiguration.ts b/clients/client-ecr-public/src/extensionConfiguration.ts index b3fee6d8e0c92..b5542dcabc75d 100644 --- a/clients/client-ecr-public/src/extensionConfiguration.ts +++ b/clients/client-ecr-public/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ECRPUBLICExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ecr-public/src/runtimeConfig.shared.ts b/clients/client-ecr-public/src/runtimeConfig.shared.ts index 8898feb1535d0..665aaf713986f 100644 --- a/clients/client-ecr-public/src/runtimeConfig.shared.ts +++ b/clients/client-ecr-public/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultECRPUBLICHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ECRPUBLICClientConfig } from "./ECRPUBLICClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ECRPUBLICClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultECRPUBLICHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ECR PUBLIC", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ecr-public/src/runtimeExtensions.ts b/clients/client-ecr-public/src/runtimeExtensions.ts index 9fdcaea8a9027..4e24774d12505 100644 --- a/clients/client-ecr-public/src/runtimeExtensions.ts +++ b/clients/client-ecr-public/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ECRPUBLICExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ecr/package.json b/clients/client-ecr/package.json index f61a09e4faefc..4fb46da683f04 100644 --- a/clients/client-ecr/package.json +++ b/clients/client-ecr/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-ecr/src/ECRClient.ts b/clients/client-ecr/src/ECRClient.ts index ff246502cba71..ba4d143d09d94 100644 --- a/clients/client-ecr/src/ECRClient.ts +++ b/clients/client-ecr/src/ECRClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultECRHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCheckLayerAvailabilityCommandInput, BatchCheckLayerAvailabilityCommandOutput, @@ -366,21 +371,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -419,8 +425,8 @@ export type ECRClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -439,8 +445,8 @@ export type ECRClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -479,8 +485,8 @@ export class ECRClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -489,8 +495,14 @@ export class ECRClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -501,4 +513,13 @@ export class ECRClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultECRHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ECRClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ecr/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ecr/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5804964cd2041 --- /dev/null +++ b/clients/client-ecr/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ECRHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECRHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ECRHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ECRHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECRHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ECRHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ecr/src/auth/httpAuthSchemeProvider.ts b/clients/client-ecr/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c289d10fb6170 --- /dev/null +++ b/clients/client-ecr/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ECRClientConfig, ECRClientResolvedConfig } from "../ECRClient"; + +/** + * @internal + */ +export interface ECRHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ECRHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ECRClientResolvedConfig, + HandlerExecutionContext, + ECRHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultECRHttpAuthSchemeParametersProvider = async ( + config: ECRClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ECRHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ecr", + region: authParameters.region, + }, + propertiesExtractor: (config: ECRClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ECRHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultECRHttpAuthSchemeProvider: ECRHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ECRHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ECRHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ecr/src/extensionConfiguration.ts b/clients/client-ecr/src/extensionConfiguration.ts index 8cf1678b2ccc7..68926c60f80a3 100644 --- a/clients/client-ecr/src/extensionConfiguration.ts +++ b/clients/client-ecr/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ECRExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ecr/src/runtimeConfig.shared.ts b/clients/client-ecr/src/runtimeConfig.shared.ts index fcaefdc5cd490..acfe22aedd332 100644 --- a/clients/client-ecr/src/runtimeConfig.shared.ts +++ b/clients/client-ecr/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultECRHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ECRClientConfig } from "./ECRClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ECRClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultECRHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ECR", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ecr/src/runtimeExtensions.ts b/clients/client-ecr/src/runtimeExtensions.ts index 378aa55a7d15d..618f4d83463bd 100644 --- a/clients/client-ecr/src/runtimeExtensions.ts +++ b/clients/client-ecr/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ECRExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ecs/package.json b/clients/client-ecs/package.json index 76049cd3e7412..6f1540d3beb89 100644 --- a/clients/client-ecs/package.json +++ b/clients/client-ecs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-ecs/src/ECSClient.ts b/clients/client-ecs/src/ECSClient.ts index 2af7f6c5e4912..f7d581e5a5fba 100644 --- a/clients/client-ecs/src/ECSClient.ts +++ b/clients/client-ecs/src/ECSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultECSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCapacityProviderCommandInput, CreateCapacityProviderCommandOutput, @@ -411,21 +416,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -464,8 +470,8 @@ export type ECSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -484,8 +490,8 @@ export type ECSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -528,8 +534,8 @@ export class ECSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -538,8 +544,14 @@ export class ECSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -550,4 +562,13 @@ export class ECSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultECSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ECSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ecs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ecs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7c930660df79e --- /dev/null +++ b/clients/client-ecs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ECSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ECSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ECSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ECSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ECSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ecs/src/auth/httpAuthSchemeProvider.ts b/clients/client-ecs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..72274065812d7 --- /dev/null +++ b/clients/client-ecs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ECSClientConfig, ECSClientResolvedConfig } from "../ECSClient"; + +/** + * @internal + */ +export interface ECSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ECSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ECSClientResolvedConfig, + HandlerExecutionContext, + ECSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultECSHttpAuthSchemeParametersProvider = async ( + config: ECSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ECSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ecs", + region: authParameters.region, + }, + propertiesExtractor: (config: ECSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ECSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultECSHttpAuthSchemeProvider: ECSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ECSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ECSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ecs/src/extensionConfiguration.ts b/clients/client-ecs/src/extensionConfiguration.ts index c605be05fafb4..7a950cf2f2dff 100644 --- a/clients/client-ecs/src/extensionConfiguration.ts +++ b/clients/client-ecs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ECSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ecs/src/runtimeConfig.shared.ts b/clients/client-ecs/src/runtimeConfig.shared.ts index 95b658baf4833..33ab469a55af8 100644 --- a/clients/client-ecs/src/runtimeConfig.shared.ts +++ b/clients/client-ecs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultECSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ECSClientConfig } from "./ECSClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ECSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultECSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ECS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ecs/src/runtimeExtensions.ts b/clients/client-ecs/src/runtimeExtensions.ts index 1b70a323589f0..fe18f437c6d4e 100644 --- a/clients/client-ecs/src/runtimeExtensions.ts +++ b/clients/client-ecs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ECSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-efs/package.json b/clients/client-efs/package.json index ad977189e8d29..4ced7416210bd 100644 --- a/clients/client-efs/package.json +++ b/clients/client-efs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-efs/src/EFSClient.ts b/clients/client-efs/src/EFSClient.ts index 45e4014605bd2..da1ee20865c3b 100644 --- a/clients/client-efs/src/EFSClient.ts +++ b/clients/client-efs/src/EFSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEFSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAccessPointCommandInput, CreateAccessPointCommandOutput } from "./commands/CreateAccessPointCommand"; import { CreateFileSystemCommandInput, CreateFileSystemCommandOutput } from "./commands/CreateFileSystemCommand"; import { CreateMountTargetCommandInput, CreateMountTargetCommandOutput } from "./commands/CreateMountTargetCommand"; @@ -303,21 +308,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -356,8 +362,8 @@ export type EFSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -376,8 +382,8 @@ export type EFSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -412,8 +418,8 @@ export class EFSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -422,8 +428,14 @@ export class EFSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -434,4 +446,13 @@ export class EFSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEFSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EFSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-efs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-efs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cdce97d3f197d --- /dev/null +++ b/clients/client-efs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EFSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EFSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EFSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EFSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EFSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EFSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-efs/src/auth/httpAuthSchemeProvider.ts b/clients/client-efs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8a61f35b80852 --- /dev/null +++ b/clients/client-efs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EFSClientConfig, EFSClientResolvedConfig } from "../EFSClient"; + +/** + * @internal + */ +export interface EFSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EFSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EFSClientResolvedConfig, + HandlerExecutionContext, + EFSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEFSHttpAuthSchemeParametersProvider = async ( + config: EFSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EFSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticfilesystem", + region: authParameters.region, + }, + propertiesExtractor: (config: EFSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EFSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEFSHttpAuthSchemeProvider: EFSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EFSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EFSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-efs/src/extensionConfiguration.ts b/clients/client-efs/src/extensionConfiguration.ts index fe17284ec5919..20c78769ef2b6 100644 --- a/clients/client-efs/src/extensionConfiguration.ts +++ b/clients/client-efs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EFSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-efs/src/runtimeConfig.shared.ts b/clients/client-efs/src/runtimeConfig.shared.ts index 97fcf7aa3bc8c..b9a2c696a76af 100644 --- a/clients/client-efs/src/runtimeConfig.shared.ts +++ b/clients/client-efs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEFSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EFSClientConfig } from "./EFSClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EFSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEFSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EFS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-efs/src/runtimeExtensions.ts b/clients/client-efs/src/runtimeExtensions.ts index 991d32c69ddde..31aba566323d9 100644 --- a/clients/client-efs/src/runtimeExtensions.ts +++ b/clients/client-efs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EFSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-eks-auth/package.json b/clients/client-eks-auth/package.json index 51e186c04fd9c..d1e4a34548b3b 100644 --- a/clients/client-eks-auth/package.json +++ b/clients/client-eks-auth/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-eks-auth/src/EKSAuthClient.ts b/clients/client-eks-auth/src/EKSAuthClient.ts index 0d215e64a3e95..48e4b1d3717d5 100644 --- a/clients/client-eks-auth/src/EKSAuthClient.ts +++ b/clients/client-eks-auth/src/EKSAuthClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEKSAuthHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssumeRoleForPodIdentityCommandInput, AssumeRoleForPodIdentityCommandOutput, @@ -160,21 +165,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -213,8 +219,8 @@ export type EKSAuthClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -233,8 +239,8 @@ export type EKSAuthClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -266,8 +272,8 @@ export class EKSAuthClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -276,8 +282,14 @@ export class EKSAuthClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -288,4 +300,13 @@ export class EKSAuthClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEKSAuthHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EKSAuthClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-eks-auth/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-eks-auth/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..dcc6dd82c1a5e --- /dev/null +++ b/clients/client-eks-auth/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EKSAuthHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EKSAuthHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EKSAuthHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EKSAuthHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EKSAuthHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EKSAuthHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-eks-auth/src/auth/httpAuthSchemeProvider.ts b/clients/client-eks-auth/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6e98e3061135f --- /dev/null +++ b/clients/client-eks-auth/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EKSAuthClientConfig, EKSAuthClientResolvedConfig } from "../EKSAuthClient"; + +/** + * @internal + */ +export interface EKSAuthHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EKSAuthHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EKSAuthClientResolvedConfig, + HandlerExecutionContext, + EKSAuthHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEKSAuthHttpAuthSchemeParametersProvider = async ( + config: EKSAuthClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EKSAuthHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "eks-auth", + region: authParameters.region, + }, + propertiesExtractor: (config: EKSAuthClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EKSAuthHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEKSAuthHttpAuthSchemeProvider: EKSAuthHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EKSAuthHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EKSAuthHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-eks-auth/src/extensionConfiguration.ts b/clients/client-eks-auth/src/extensionConfiguration.ts index d81b61172926e..52831a1b857ec 100644 --- a/clients/client-eks-auth/src/extensionConfiguration.ts +++ b/clients/client-eks-auth/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EKSAuthExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-eks-auth/src/runtimeConfig.shared.ts b/clients/client-eks-auth/src/runtimeConfig.shared.ts index 9a5af94663fc5..eee809b741ed5 100644 --- a/clients/client-eks-auth/src/runtimeConfig.shared.ts +++ b/clients/client-eks-auth/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEKSAuthHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EKSAuthClientConfig } from "./EKSAuthClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EKSAuthClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEKSAuthHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EKS Auth", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-eks-auth/src/runtimeExtensions.ts b/clients/client-eks-auth/src/runtimeExtensions.ts index 5441e244aedec..1a6db1e8cf40b 100644 --- a/clients/client-eks-auth/src/runtimeExtensions.ts +++ b/clients/client-eks-auth/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EKSAuthExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-eks/package.json b/clients/client-eks/package.json index bcf16c63607e9..9690d16996993 100644 --- a/clients/client-eks/package.json +++ b/clients/client-eks/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-eks/src/EKSClient.ts b/clients/client-eks/src/EKSClient.ts index d8e638ef1e9c4..644d232450b6b 100644 --- a/clients/client-eks/src/EKSClient.ts +++ b/clients/client-eks/src/EKSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEKSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAccessPolicyCommandInput, AssociateAccessPolicyCommandOutput, @@ -414,21 +419,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -467,8 +473,8 @@ export type EKSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -487,8 +493,8 @@ export type EKSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -527,8 +533,8 @@ export class EKSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -537,8 +543,14 @@ export class EKSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -549,4 +561,13 @@ export class EKSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEKSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EKSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-eks/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-eks/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..27690513a7ead --- /dev/null +++ b/clients/client-eks/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EKSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EKSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EKSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EKSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EKSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EKSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-eks/src/auth/httpAuthSchemeProvider.ts b/clients/client-eks/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a6b9c34f1b9de --- /dev/null +++ b/clients/client-eks/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EKSClientConfig, EKSClientResolvedConfig } from "../EKSClient"; + +/** + * @internal + */ +export interface EKSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EKSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EKSClientResolvedConfig, + HandlerExecutionContext, + EKSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEKSHttpAuthSchemeParametersProvider = async ( + config: EKSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EKSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "eks", + region: authParameters.region, + }, + propertiesExtractor: (config: EKSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EKSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEKSHttpAuthSchemeProvider: EKSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EKSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EKSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-eks/src/extensionConfiguration.ts b/clients/client-eks/src/extensionConfiguration.ts index 30ccf07285b35..f8c04a0118c69 100644 --- a/clients/client-eks/src/extensionConfiguration.ts +++ b/clients/client-eks/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EKSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-eks/src/runtimeConfig.shared.ts b/clients/client-eks/src/runtimeConfig.shared.ts index 319862a568c39..2b6bdafc5ac77 100644 --- a/clients/client-eks/src/runtimeConfig.shared.ts +++ b/clients/client-eks/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEKSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EKSClientConfig } from "./EKSClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EKSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEKSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EKS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-eks/src/runtimeExtensions.ts b/clients/client-eks/src/runtimeExtensions.ts index ee8c32dda7969..4e5ff099fdba8 100644 --- a/clients/client-eks/src/runtimeExtensions.ts +++ b/clients/client-eks/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EKSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elastic-beanstalk/package.json b/clients/client-elastic-beanstalk/package.json index d913bce41f7f6..f03da47bcde01 100644 --- a/clients/client-elastic-beanstalk/package.json +++ b/clients/client-elastic-beanstalk/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-elastic-beanstalk/src/ElasticBeanstalkClient.ts b/clients/client-elastic-beanstalk/src/ElasticBeanstalkClient.ts index f05002a6a5b92..88c10a8cfa3f0 100644 --- a/clients/client-elastic-beanstalk/src/ElasticBeanstalkClient.ts +++ b/clients/client-elastic-beanstalk/src/ElasticBeanstalkClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticBeanstalkHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AbortEnvironmentUpdateCommandInput, AbortEnvironmentUpdateCommandOutput, @@ -414,21 +419,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -467,8 +473,8 @@ export type ElasticBeanstalkClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -487,8 +493,8 @@ export type ElasticBeanstalkClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -531,8 +537,8 @@ export class ElasticBeanstalkClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -541,8 +547,14 @@ export class ElasticBeanstalkClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -553,4 +565,13 @@ export class ElasticBeanstalkClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticBeanstalkHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticBeanstalkClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elastic-beanstalk/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elastic-beanstalk/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..318825ad194cc --- /dev/null +++ b/clients/client-elastic-beanstalk/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticBeanstalkHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticBeanstalkHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticBeanstalkHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticBeanstalkHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticBeanstalkHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticBeanstalkHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elastic-beanstalk/src/auth/httpAuthSchemeProvider.ts b/clients/client-elastic-beanstalk/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..13025c90c9426 --- /dev/null +++ b/clients/client-elastic-beanstalk/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ElasticBeanstalkClientConfig, ElasticBeanstalkClientResolvedConfig } from "../ElasticBeanstalkClient"; + +/** + * @internal + */ +export interface ElasticBeanstalkHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticBeanstalkHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticBeanstalkClientResolvedConfig, + HandlerExecutionContext, + ElasticBeanstalkHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticBeanstalkHttpAuthSchemeParametersProvider = async ( + config: ElasticBeanstalkClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ElasticBeanstalkHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticbeanstalk", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticBeanstalkClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticBeanstalkHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticBeanstalkHttpAuthSchemeProvider: ElasticBeanstalkHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticBeanstalkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticBeanstalkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elastic-beanstalk/src/extensionConfiguration.ts b/clients/client-elastic-beanstalk/src/extensionConfiguration.ts index 4ecdce051afc2..dfbf88c24c14b 100644 --- a/clients/client-elastic-beanstalk/src/extensionConfiguration.ts +++ b/clients/client-elastic-beanstalk/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticBeanstalkExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elastic-beanstalk/src/runtimeConfig.shared.ts b/clients/client-elastic-beanstalk/src/runtimeConfig.shared.ts index 673cdcf7cc0ec..4eba25044c386 100644 --- a/clients/client-elastic-beanstalk/src/runtimeConfig.shared.ts +++ b/clients/client-elastic-beanstalk/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticBeanstalkHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticBeanstalkClientConfig } from "./ElasticBeanstalkClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticBeanstalkClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticBeanstalkHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elastic Beanstalk", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elastic-beanstalk/src/runtimeExtensions.ts b/clients/client-elastic-beanstalk/src/runtimeExtensions.ts index 74dbf04f5d5fb..2adf7c2abbe11 100644 --- a/clients/client-elastic-beanstalk/src/runtimeExtensions.ts +++ b/clients/client-elastic-beanstalk/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticBeanstalkExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elastic-inference/package.json b/clients/client-elastic-inference/package.json index 7587253a8e6b1..11a76ae4b6d43 100644 --- a/clients/client-elastic-inference/package.json +++ b/clients/client-elastic-inference/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-elastic-inference/src/ElasticInferenceClient.ts b/clients/client-elastic-inference/src/ElasticInferenceClient.ts index 097c8e47cdc57..5df903b4e3535 100644 --- a/clients/client-elastic-inference/src/ElasticInferenceClient.ts +++ b/clients/client-elastic-inference/src/ElasticInferenceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticInferenceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeAcceleratorOfferingsCommandInput, DescribeAcceleratorOfferingsCommandOutput, @@ -186,21 +191,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -239,8 +245,8 @@ export type ElasticInferenceClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -259,8 +265,8 @@ export type ElasticInferenceClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export class ElasticInferenceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -308,8 +314,14 @@ export class ElasticInferenceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -320,4 +332,13 @@ export class ElasticInferenceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticInferenceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticInferenceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elastic-inference/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elastic-inference/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a35eb8fa99183 --- /dev/null +++ b/clients/client-elastic-inference/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticInferenceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticInferenceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticInferenceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticInferenceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticInferenceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticInferenceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elastic-inference/src/auth/httpAuthSchemeProvider.ts b/clients/client-elastic-inference/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b6139ff04037c --- /dev/null +++ b/clients/client-elastic-inference/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ElasticInferenceClientConfig, ElasticInferenceClientResolvedConfig } from "../ElasticInferenceClient"; + +/** + * @internal + */ +export interface ElasticInferenceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticInferenceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticInferenceClientResolvedConfig, + HandlerExecutionContext, + ElasticInferenceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticInferenceHttpAuthSchemeParametersProvider = async ( + config: ElasticInferenceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ElasticInferenceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elastic-inference", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticInferenceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticInferenceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticInferenceHttpAuthSchemeProvider: ElasticInferenceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticInferenceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticInferenceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elastic-inference/src/extensionConfiguration.ts b/clients/client-elastic-inference/src/extensionConfiguration.ts index c55d149dd6e6f..af4214331a938 100644 --- a/clients/client-elastic-inference/src/extensionConfiguration.ts +++ b/clients/client-elastic-inference/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticInferenceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elastic-inference/src/runtimeConfig.shared.ts b/clients/client-elastic-inference/src/runtimeConfig.shared.ts index efd3b759577b9..43e159de53fc2 100644 --- a/clients/client-elastic-inference/src/runtimeConfig.shared.ts +++ b/clients/client-elastic-inference/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticInferenceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticInferenceClientConfig } from "./ElasticInferenceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticInferenceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticInferenceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elastic Inference", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elastic-inference/src/runtimeExtensions.ts b/clients/client-elastic-inference/src/runtimeExtensions.ts index 84f2f5dc75b39..d3c0f1e03aba4 100644 --- a/clients/client-elastic-inference/src/runtimeExtensions.ts +++ b/clients/client-elastic-inference/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticInferenceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elastic-load-balancing-v2/package.json b/clients/client-elastic-load-balancing-v2/package.json index 7516317307f20..b0f50a4b712e3 100644 --- a/clients/client-elastic-load-balancing-v2/package.json +++ b/clients/client-elastic-load-balancing-v2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-elastic-load-balancing-v2/src/ElasticLoadBalancingV2Client.ts b/clients/client-elastic-load-balancing-v2/src/ElasticLoadBalancingV2Client.ts index 9cf5ac3af5611..633460cdb266f 100644 --- a/clients/client-elastic-load-balancing-v2/src/ElasticLoadBalancingV2Client.ts +++ b/clients/client-elastic-load-balancing-v2/src/ElasticLoadBalancingV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticLoadBalancingV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddListenerCertificatesCommandInput, AddListenerCertificatesCommandOutput, @@ -345,21 +350,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -398,8 +404,8 @@ export type ElasticLoadBalancingV2ClientConfigType = Partial<__SmithyConfigurati EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -418,8 +424,8 @@ export type ElasticLoadBalancingV2ClientResolvedConfigType = __SmithyResolvedCon EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -478,8 +484,8 @@ export class ElasticLoadBalancingV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -488,8 +494,14 @@ export class ElasticLoadBalancingV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -500,4 +512,13 @@ export class ElasticLoadBalancingV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticLoadBalancingV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticLoadBalancingV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elastic-load-balancing-v2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elastic-load-balancing-v2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c4f394e44c6eb --- /dev/null +++ b/clients/client-elastic-load-balancing-v2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticLoadBalancingV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticLoadBalancingV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticLoadBalancingV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticLoadBalancingV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticLoadBalancingV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticLoadBalancingV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elastic-load-balancing-v2/src/auth/httpAuthSchemeProvider.ts b/clients/client-elastic-load-balancing-v2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ab130d6405bcc --- /dev/null +++ b/clients/client-elastic-load-balancing-v2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ElasticLoadBalancingV2ClientConfig, + ElasticLoadBalancingV2ClientResolvedConfig, +} from "../ElasticLoadBalancingV2Client"; + +/** + * @internal + */ +export interface ElasticLoadBalancingV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticLoadBalancingV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticLoadBalancingV2ClientResolvedConfig, + HandlerExecutionContext, + ElasticLoadBalancingV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticLoadBalancingV2HttpAuthSchemeParametersProvider = async ( + config: ElasticLoadBalancingV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ElasticLoadBalancingV2HttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticloadbalancing", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticLoadBalancingV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticLoadBalancingV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticLoadBalancingV2HttpAuthSchemeProvider: ElasticLoadBalancingV2HttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticLoadBalancingV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticLoadBalancingV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elastic-load-balancing-v2/src/extensionConfiguration.ts b/clients/client-elastic-load-balancing-v2/src/extensionConfiguration.ts index eff5989820f12..045c313523b40 100644 --- a/clients/client-elastic-load-balancing-v2/src/extensionConfiguration.ts +++ b/clients/client-elastic-load-balancing-v2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticLoadBalancingV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elastic-load-balancing-v2/src/runtimeConfig.shared.ts b/clients/client-elastic-load-balancing-v2/src/runtimeConfig.shared.ts index b29d867115ac6..506c9430a46e4 100644 --- a/clients/client-elastic-load-balancing-v2/src/runtimeConfig.shared.ts +++ b/clients/client-elastic-load-balancing-v2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticLoadBalancingV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticLoadBalancingV2ClientConfig } from "./ElasticLoadBalancingV2Client"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticLoadBalancingV2ClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticLoadBalancingV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elastic Load Balancing v2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elastic-load-balancing-v2/src/runtimeExtensions.ts b/clients/client-elastic-load-balancing-v2/src/runtimeExtensions.ts index de792b316ca56..956da6a744a97 100644 --- a/clients/client-elastic-load-balancing-v2/src/runtimeExtensions.ts +++ b/clients/client-elastic-load-balancing-v2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticLoadBalancingV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elastic-load-balancing/package.json b/clients/client-elastic-load-balancing/package.json index 4ecc2b1534d3b..90dd962ee9c6e 100644 --- a/clients/client-elastic-load-balancing/package.json +++ b/clients/client-elastic-load-balancing/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-elastic-load-balancing/src/ElasticLoadBalancingClient.ts b/clients/client-elastic-load-balancing/src/ElasticLoadBalancingClient.ts index 0724454587070..af340199956c6 100644 --- a/clients/client-elastic-load-balancing/src/ElasticLoadBalancingClient.ts +++ b/clients/client-elastic-load-balancing/src/ElasticLoadBalancingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticLoadBalancingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsCommandInput, AddTagsCommandOutput } from "./commands/AddTagsCommand"; import { ApplySecurityGroupsToLoadBalancerCommandInput, @@ -315,21 +320,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -368,8 +374,8 @@ export type ElasticLoadBalancingClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -388,8 +394,8 @@ export type ElasticLoadBalancingClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -440,8 +446,8 @@ export class ElasticLoadBalancingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -450,8 +456,14 @@ export class ElasticLoadBalancingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -462,4 +474,13 @@ export class ElasticLoadBalancingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticLoadBalancingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticLoadBalancingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elastic-load-balancing/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elastic-load-balancing/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2dbe3c43e9a15 --- /dev/null +++ b/clients/client-elastic-load-balancing/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticLoadBalancingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticLoadBalancingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticLoadBalancingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticLoadBalancingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticLoadBalancingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticLoadBalancingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elastic-load-balancing/src/auth/httpAuthSchemeProvider.ts b/clients/client-elastic-load-balancing/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2566a30723429 --- /dev/null +++ b/clients/client-elastic-load-balancing/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ElasticLoadBalancingClientConfig, + ElasticLoadBalancingClientResolvedConfig, +} from "../ElasticLoadBalancingClient"; + +/** + * @internal + */ +export interface ElasticLoadBalancingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticLoadBalancingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticLoadBalancingClientResolvedConfig, + HandlerExecutionContext, + ElasticLoadBalancingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticLoadBalancingHttpAuthSchemeParametersProvider = async ( + config: ElasticLoadBalancingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ElasticLoadBalancingHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticloadbalancing", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticLoadBalancingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticLoadBalancingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticLoadBalancingHttpAuthSchemeProvider: ElasticLoadBalancingHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticLoadBalancingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticLoadBalancingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elastic-load-balancing/src/extensionConfiguration.ts b/clients/client-elastic-load-balancing/src/extensionConfiguration.ts index 6e79155312ec6..bf5ed7b3ebed1 100644 --- a/clients/client-elastic-load-balancing/src/extensionConfiguration.ts +++ b/clients/client-elastic-load-balancing/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticLoadBalancingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elastic-load-balancing/src/runtimeConfig.shared.ts b/clients/client-elastic-load-balancing/src/runtimeConfig.shared.ts index 70b96371f7d3f..4ae84c827a2ec 100644 --- a/clients/client-elastic-load-balancing/src/runtimeConfig.shared.ts +++ b/clients/client-elastic-load-balancing/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticLoadBalancingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticLoadBalancingClientConfig } from "./ElasticLoadBalancingClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticLoadBalancingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticLoadBalancingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elastic Load Balancing", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elastic-load-balancing/src/runtimeExtensions.ts b/clients/client-elastic-load-balancing/src/runtimeExtensions.ts index 125b3a5f86a09..c055afa6555b1 100644 --- a/clients/client-elastic-load-balancing/src/runtimeExtensions.ts +++ b/clients/client-elastic-load-balancing/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticLoadBalancingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elastic-transcoder/package.json b/clients/client-elastic-transcoder/package.json index ed4c999447afa..d9ac06d36fd73 100644 --- a/clients/client-elastic-transcoder/package.json +++ b/clients/client-elastic-transcoder/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-elastic-transcoder/src/ElasticTranscoderClient.ts b/clients/client-elastic-transcoder/src/ElasticTranscoderClient.ts index cc771470b5c7a..4b0ef10802a35 100644 --- a/clients/client-elastic-transcoder/src/ElasticTranscoderClient.ts +++ b/clients/client-elastic-transcoder/src/ElasticTranscoderClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticTranscoderHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobCommandInput, CancelJobCommandOutput } from "./commands/CancelJobCommand"; import { CreateJobCommandInput, CreateJobCommandOutput } from "./commands/CreateJobCommand"; import { CreatePipelineCommandInput, CreatePipelineCommandOutput } from "./commands/CreatePipelineCommand"; @@ -213,21 +218,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -266,8 +272,8 @@ export type ElasticTranscoderClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -286,8 +292,8 @@ export type ElasticTranscoderClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -319,8 +325,8 @@ export class ElasticTranscoderClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -329,8 +335,14 @@ export class ElasticTranscoderClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -341,4 +353,13 @@ export class ElasticTranscoderClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticTranscoderHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticTranscoderClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elastic-transcoder/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elastic-transcoder/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..22529062d1e7a --- /dev/null +++ b/clients/client-elastic-transcoder/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticTranscoderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticTranscoderHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticTranscoderHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticTranscoderHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticTranscoderHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticTranscoderHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elastic-transcoder/src/auth/httpAuthSchemeProvider.ts b/clients/client-elastic-transcoder/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..eb8b37bab3f38 --- /dev/null +++ b/clients/client-elastic-transcoder/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ElasticTranscoderClientConfig, ElasticTranscoderClientResolvedConfig } from "../ElasticTranscoderClient"; + +/** + * @internal + */ +export interface ElasticTranscoderHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticTranscoderHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticTranscoderClientResolvedConfig, + HandlerExecutionContext, + ElasticTranscoderHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticTranscoderHttpAuthSchemeParametersProvider = async ( + config: ElasticTranscoderClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ElasticTranscoderHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elastictranscoder", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticTranscoderClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticTranscoderHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticTranscoderHttpAuthSchemeProvider: ElasticTranscoderHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticTranscoderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticTranscoderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elastic-transcoder/src/extensionConfiguration.ts b/clients/client-elastic-transcoder/src/extensionConfiguration.ts index 088d2c5380396..bcc2d183e8eba 100644 --- a/clients/client-elastic-transcoder/src/extensionConfiguration.ts +++ b/clients/client-elastic-transcoder/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticTranscoderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elastic-transcoder/src/runtimeConfig.shared.ts b/clients/client-elastic-transcoder/src/runtimeConfig.shared.ts index 295c62483e86c..e4931d8dfd0e4 100644 --- a/clients/client-elastic-transcoder/src/runtimeConfig.shared.ts +++ b/clients/client-elastic-transcoder/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticTranscoderHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticTranscoderClientConfig } from "./ElasticTranscoderClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticTranscoderClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticTranscoderHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elastic Transcoder", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elastic-transcoder/src/runtimeExtensions.ts b/clients/client-elastic-transcoder/src/runtimeExtensions.ts index 09ae3d08399f8..c272bb780897b 100644 --- a/clients/client-elastic-transcoder/src/runtimeExtensions.ts +++ b/clients/client-elastic-transcoder/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticTranscoderExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elasticache/package.json b/clients/client-elasticache/package.json index 01eb446f0f93c..6feb7744d1f52 100644 --- a/clients/client-elasticache/package.json +++ b/clients/client-elasticache/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-elasticache/src/ElastiCacheClient.ts b/clients/client-elasticache/src/ElastiCacheClient.ts index 94c423fb889d9..b9b5715df163c 100644 --- a/clients/client-elasticache/src/ElastiCacheClient.ts +++ b/clients/client-elasticache/src/ElastiCacheClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElastiCacheHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToResourceCommandInput, AddTagsToResourceCommandOutput } from "./commands/AddTagsToResourceCommand"; import { AuthorizeCacheSecurityGroupIngressCommandInput, @@ -540,21 +545,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -593,8 +599,8 @@ export type ElastiCacheClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -613,8 +619,8 @@ export type ElastiCacheClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -654,8 +660,8 @@ export class ElastiCacheClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -664,8 +670,14 @@ export class ElastiCacheClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -676,4 +688,13 @@ export class ElastiCacheClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElastiCacheHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElastiCacheClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elasticache/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elasticache/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5c3703e5a1878 --- /dev/null +++ b/clients/client-elasticache/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElastiCacheHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElastiCacheHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElastiCacheHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElastiCacheHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElastiCacheHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElastiCacheHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elasticache/src/auth/httpAuthSchemeProvider.ts b/clients/client-elasticache/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..60c735901b68a --- /dev/null +++ b/clients/client-elasticache/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ElastiCacheClientConfig, ElastiCacheClientResolvedConfig } from "../ElastiCacheClient"; + +/** + * @internal + */ +export interface ElastiCacheHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElastiCacheHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElastiCacheClientResolvedConfig, + HandlerExecutionContext, + ElastiCacheHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElastiCacheHttpAuthSchemeParametersProvider = async ( + config: ElastiCacheClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ElastiCacheHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticache", + region: authParameters.region, + }, + propertiesExtractor: (config: ElastiCacheClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElastiCacheHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElastiCacheHttpAuthSchemeProvider: ElastiCacheHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElastiCacheHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElastiCacheHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elasticache/src/extensionConfiguration.ts b/clients/client-elasticache/src/extensionConfiguration.ts index 73042363bd94c..44c8533c1a897 100644 --- a/clients/client-elasticache/src/extensionConfiguration.ts +++ b/clients/client-elasticache/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElastiCacheExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elasticache/src/runtimeConfig.shared.ts b/clients/client-elasticache/src/runtimeConfig.shared.ts index a874faf4de0c7..8e3fa0d1dc4d9 100644 --- a/clients/client-elasticache/src/runtimeConfig.shared.ts +++ b/clients/client-elasticache/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElastiCacheHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElastiCacheClientConfig } from "./ElastiCacheClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElastiCacheClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElastiCacheHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ElastiCache", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elasticache/src/runtimeExtensions.ts b/clients/client-elasticache/src/runtimeExtensions.ts index 2b23b3780b542..2fd21a635facc 100644 --- a/clients/client-elasticache/src/runtimeExtensions.ts +++ b/clients/client-elasticache/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElastiCacheExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-elasticsearch-service/package.json b/clients/client-elasticsearch-service/package.json index c7ae4fcb61bd3..4daa6cee14766 100644 --- a/clients/client-elasticsearch-service/package.json +++ b/clients/client-elasticsearch-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-elasticsearch-service/src/ElasticsearchServiceClient.ts b/clients/client-elasticsearch-service/src/ElasticsearchServiceClient.ts index c7e692639add8..dcb4985bdee1c 100644 --- a/clients/client-elasticsearch-service/src/ElasticsearchServiceClient.ts +++ b/clients/client-elasticsearch-service/src/ElasticsearchServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultElasticsearchServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptInboundCrossClusterSearchConnectionCommandInput, AcceptInboundCrossClusterSearchConnectionCommandOutput, @@ -414,21 +419,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -467,8 +473,8 @@ export type ElasticsearchServiceClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -487,8 +493,8 @@ export type ElasticsearchServiceClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -525,8 +531,8 @@ export class ElasticsearchServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -535,8 +541,14 @@ export class ElasticsearchServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -547,4 +559,13 @@ export class ElasticsearchServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultElasticsearchServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ElasticsearchServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-elasticsearch-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-elasticsearch-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..654f791ed9cde --- /dev/null +++ b/clients/client-elasticsearch-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ElasticsearchServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticsearchServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ElasticsearchServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ElasticsearchServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ElasticsearchServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ElasticsearchServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-elasticsearch-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-elasticsearch-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0f8d99450124f --- /dev/null +++ b/clients/client-elasticsearch-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ElasticsearchServiceClientConfig, + ElasticsearchServiceClientResolvedConfig, +} from "../ElasticsearchServiceClient"; + +/** + * @internal + */ +export interface ElasticsearchServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ElasticsearchServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ElasticsearchServiceClientResolvedConfig, + HandlerExecutionContext, + ElasticsearchServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultElasticsearchServiceHttpAuthSchemeParametersProvider = async ( + config: ElasticsearchServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ElasticsearchServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "es", + region: authParameters.region, + }, + propertiesExtractor: (config: ElasticsearchServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ElasticsearchServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultElasticsearchServiceHttpAuthSchemeProvider: ElasticsearchServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ElasticsearchServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ElasticsearchServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-elasticsearch-service/src/extensionConfiguration.ts b/clients/client-elasticsearch-service/src/extensionConfiguration.ts index 1066ff3fdef94..0dcce062ecb36 100644 --- a/clients/client-elasticsearch-service/src/extensionConfiguration.ts +++ b/clients/client-elasticsearch-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ElasticsearchServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-elasticsearch-service/src/runtimeConfig.shared.ts b/clients/client-elasticsearch-service/src/runtimeConfig.shared.ts index 347592110816f..28c3538c4b448 100644 --- a/clients/client-elasticsearch-service/src/runtimeConfig.shared.ts +++ b/clients/client-elasticsearch-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultElasticsearchServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { ElasticsearchServiceClientConfig } from "./ElasticsearchServiceClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ElasticsearchServiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultElasticsearchServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Elasticsearch Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-elasticsearch-service/src/runtimeExtensions.ts b/clients/client-elasticsearch-service/src/runtimeExtensions.ts index f547c88b0201a..96f32303e50d4 100644 --- a/clients/client-elasticsearch-service/src/runtimeExtensions.ts +++ b/clients/client-elasticsearch-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ElasticsearchServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-emr-containers/package.json b/clients/client-emr-containers/package.json index d073512fb09a0..5d145a73990a1 100644 --- a/clients/client-emr-containers/package.json +++ b/clients/client-emr-containers/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-emr-containers/src/EMRContainersClient.ts b/clients/client-emr-containers/src/EMRContainersClient.ts index a630aaa6eb95c..1987b6017cdef 100644 --- a/clients/client-emr-containers/src/EMRContainersClient.ts +++ b/clients/client-emr-containers/src/EMRContainersClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEMRContainersHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobRunCommandInput, CancelJobRunCommandOutput } from "./commands/CancelJobRunCommand"; import { CreateJobTemplateCommandInput, CreateJobTemplateCommandOutput } from "./commands/CreateJobTemplateCommand"; import { @@ -249,21 +254,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -302,8 +308,8 @@ export type EMRContainersClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export type EMRContainersClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -377,8 +383,8 @@ export class EMRContainersClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -387,8 +393,14 @@ export class EMRContainersClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -399,4 +411,13 @@ export class EMRContainersClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEMRContainersHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EMRContainersClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-emr-containers/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-emr-containers/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d8272f775b6f9 --- /dev/null +++ b/clients/client-emr-containers/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EMRContainersHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRContainersHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EMRContainersHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EMRContainersHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRContainersHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EMRContainersHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-emr-containers/src/auth/httpAuthSchemeProvider.ts b/clients/client-emr-containers/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..955a5dab012e1 --- /dev/null +++ b/clients/client-emr-containers/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EMRContainersClientConfig, EMRContainersClientResolvedConfig } from "../EMRContainersClient"; + +/** + * @internal + */ +export interface EMRContainersHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EMRContainersHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EMRContainersClientResolvedConfig, + HandlerExecutionContext, + EMRContainersHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEMRContainersHttpAuthSchemeParametersProvider = async ( + config: EMRContainersClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EMRContainersHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "emr-containers", + region: authParameters.region, + }, + propertiesExtractor: (config: EMRContainersClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EMRContainersHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEMRContainersHttpAuthSchemeProvider: EMRContainersHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EMRContainersHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EMRContainersHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-emr-containers/src/extensionConfiguration.ts b/clients/client-emr-containers/src/extensionConfiguration.ts index fa3f45c3d12d4..d7c4b5990fc1c 100644 --- a/clients/client-emr-containers/src/extensionConfiguration.ts +++ b/clients/client-emr-containers/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EMRContainersExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-emr-containers/src/runtimeConfig.shared.ts b/clients/client-emr-containers/src/runtimeConfig.shared.ts index 7073cdd8a77ed..152cd49cb679a 100644 --- a/clients/client-emr-containers/src/runtimeConfig.shared.ts +++ b/clients/client-emr-containers/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEMRContainersHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EMRContainersClientConfig } from "./EMRContainersClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EMRContainersClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEMRContainersHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EMR containers", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-emr-containers/src/runtimeExtensions.ts b/clients/client-emr-containers/src/runtimeExtensions.ts index 84b41611b957b..8c126bc51574d 100644 --- a/clients/client-emr-containers/src/runtimeExtensions.ts +++ b/clients/client-emr-containers/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EMRContainersExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-emr-serverless/package.json b/clients/client-emr-serverless/package.json index 6f327c7d66711..55f35b7bb3fde 100644 --- a/clients/client-emr-serverless/package.json +++ b/clients/client-emr-serverless/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-emr-serverless/src/EMRServerlessClient.ts b/clients/client-emr-serverless/src/EMRServerlessClient.ts index 723cd53580737..082cd03f5df7a 100644 --- a/clients/client-emr-serverless/src/EMRServerlessClient.ts +++ b/clients/client-emr-serverless/src/EMRServerlessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEMRServerlessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJobRunCommandInput, CancelJobRunCommandOutput } from "./commands/CancelJobRunCommand"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { DeleteApplicationCommandInput, DeleteApplicationCommandOutput } from "./commands/DeleteApplicationCommand"; @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type EMRServerlessClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type EMRServerlessClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -332,8 +338,8 @@ export class EMRServerlessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -342,8 +348,14 @@ export class EMRServerlessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -354,4 +366,13 @@ export class EMRServerlessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEMRServerlessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EMRServerlessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-emr-serverless/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-emr-serverless/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d7264861a9119 --- /dev/null +++ b/clients/client-emr-serverless/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EMRServerlessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRServerlessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EMRServerlessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EMRServerlessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRServerlessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EMRServerlessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-emr-serverless/src/auth/httpAuthSchemeProvider.ts b/clients/client-emr-serverless/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..660357de7c423 --- /dev/null +++ b/clients/client-emr-serverless/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EMRServerlessClientConfig, EMRServerlessClientResolvedConfig } from "../EMRServerlessClient"; + +/** + * @internal + */ +export interface EMRServerlessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EMRServerlessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EMRServerlessClientResolvedConfig, + HandlerExecutionContext, + EMRServerlessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEMRServerlessHttpAuthSchemeParametersProvider = async ( + config: EMRServerlessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EMRServerlessHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "emr-serverless", + region: authParameters.region, + }, + propertiesExtractor: (config: EMRServerlessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EMRServerlessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEMRServerlessHttpAuthSchemeProvider: EMRServerlessHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EMRServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EMRServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-emr-serverless/src/extensionConfiguration.ts b/clients/client-emr-serverless/src/extensionConfiguration.ts index 55b8c1891e2f1..30c2aa0443312 100644 --- a/clients/client-emr-serverless/src/extensionConfiguration.ts +++ b/clients/client-emr-serverless/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EMRServerlessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-emr-serverless/src/runtimeConfig.shared.ts b/clients/client-emr-serverless/src/runtimeConfig.shared.ts index 0832253a61833..9e9b072133d25 100644 --- a/clients/client-emr-serverless/src/runtimeConfig.shared.ts +++ b/clients/client-emr-serverless/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEMRServerlessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EMRServerlessClientConfig } from "./EMRServerlessClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EMRServerlessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEMRServerlessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EMR Serverless", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-emr-serverless/src/runtimeExtensions.ts b/clients/client-emr-serverless/src/runtimeExtensions.ts index 67405f765f446..50e0e1dbac958 100644 --- a/clients/client-emr-serverless/src/runtimeExtensions.ts +++ b/clients/client-emr-serverless/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EMRServerlessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-emr/package.json b/clients/client-emr/package.json index 54e4905c05802..df101e16561f1 100644 --- a/clients/client-emr/package.json +++ b/clients/client-emr/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-emr/src/EMRClient.ts b/clients/client-emr/src/EMRClient.ts index 3455633fe02a0..87c3a61f37728 100644 --- a/clients/client-emr/src/EMRClient.ts +++ b/clients/client-emr/src/EMRClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEMRHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddInstanceFleetCommandInput, AddInstanceFleetCommandOutput } from "./commands/AddInstanceFleetCommand"; import { AddInstanceGroupsCommandInput, AddInstanceGroupsCommandOutput } from "./commands/AddInstanceGroupsCommand"; import { AddJobFlowStepsCommandInput, AddJobFlowStepsCommandOutput } from "./commands/AddJobFlowStepsCommand"; @@ -417,21 +422,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -470,8 +476,8 @@ export type EMRClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -490,8 +496,8 @@ export type EMRClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -524,8 +530,8 @@ export class EMRClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -534,8 +540,14 @@ export class EMRClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -546,4 +558,13 @@ export class EMRClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEMRHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EMRClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-emr/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-emr/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b74d6db85b5d1 --- /dev/null +++ b/clients/client-emr/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EMRHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EMRHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EMRHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EMRHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EMRHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-emr/src/auth/httpAuthSchemeProvider.ts b/clients/client-emr/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6f374fd5f13a8 --- /dev/null +++ b/clients/client-emr/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EMRClientConfig, EMRClientResolvedConfig } from "../EMRClient"; + +/** + * @internal + */ +export interface EMRHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EMRHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EMRClientResolvedConfig, + HandlerExecutionContext, + EMRHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEMRHttpAuthSchemeParametersProvider = async ( + config: EMRClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EMRHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "elasticmapreduce", + region: authParameters.region, + }, + propertiesExtractor: (config: EMRClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EMRHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEMRHttpAuthSchemeProvider: EMRHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EMRHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EMRHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-emr/src/extensionConfiguration.ts b/clients/client-emr/src/extensionConfiguration.ts index b5a1b3389e4b5..9639e088d5304 100644 --- a/clients/client-emr/src/extensionConfiguration.ts +++ b/clients/client-emr/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EMRExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-emr/src/runtimeConfig.shared.ts b/clients/client-emr/src/runtimeConfig.shared.ts index 34b4b4798397e..2a47f6afe40c0 100644 --- a/clients/client-emr/src/runtimeConfig.shared.ts +++ b/clients/client-emr/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEMRHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { EMRClientConfig } from "./EMRClient"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EMRClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEMRHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EMR", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-emr/src/runtimeExtensions.ts b/clients/client-emr/src/runtimeExtensions.ts index 2462240301ae6..38a1b867e4e5f 100644 --- a/clients/client-emr/src/runtimeExtensions.ts +++ b/clients/client-emr/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EMRExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-entityresolution/package.json b/clients/client-entityresolution/package.json index 9b3d01edf2ea9..419236111d818 100644 --- a/clients/client-entityresolution/package.json +++ b/clients/client-entityresolution/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-entityresolution/src/EntityResolutionClient.ts b/clients/client-entityresolution/src/EntityResolutionClient.ts index 03a8d1f9646b0..eb8d3072013c2 100644 --- a/clients/client-entityresolution/src/EntityResolutionClient.ts +++ b/clients/client-entityresolution/src/EntityResolutionClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEntityResolutionHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateIdMappingWorkflowCommandInput, CreateIdMappingWorkflowCommandOutput, @@ -282,21 +287,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -335,8 +341,8 @@ export type EntityResolutionClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -355,8 +361,8 @@ export type EntityResolutionClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -397,8 +403,8 @@ export class EntityResolutionClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -407,8 +413,14 @@ export class EntityResolutionClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -419,4 +431,13 @@ export class EntityResolutionClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEntityResolutionHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EntityResolutionClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-entityresolution/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-entityresolution/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ffccec5a75c28 --- /dev/null +++ b/clients/client-entityresolution/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EntityResolutionHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EntityResolutionHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EntityResolutionHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EntityResolutionHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EntityResolutionHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EntityResolutionHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-entityresolution/src/auth/httpAuthSchemeProvider.ts b/clients/client-entityresolution/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..20bc4f413adb4 --- /dev/null +++ b/clients/client-entityresolution/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EntityResolutionClientConfig, EntityResolutionClientResolvedConfig } from "../EntityResolutionClient"; + +/** + * @internal + */ +export interface EntityResolutionHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EntityResolutionHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EntityResolutionClientResolvedConfig, + HandlerExecutionContext, + EntityResolutionHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEntityResolutionHttpAuthSchemeParametersProvider = async ( + config: EntityResolutionClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EntityResolutionHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "entityresolution", + region: authParameters.region, + }, + propertiesExtractor: (config: EntityResolutionClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EntityResolutionHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEntityResolutionHttpAuthSchemeProvider: EntityResolutionHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EntityResolutionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EntityResolutionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-entityresolution/src/extensionConfiguration.ts b/clients/client-entityresolution/src/extensionConfiguration.ts index 55ef87deaba56..0dbe9f9850815 100644 --- a/clients/client-entityresolution/src/extensionConfiguration.ts +++ b/clients/client-entityresolution/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EntityResolutionExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-entityresolution/src/runtimeConfig.shared.ts b/clients/client-entityresolution/src/runtimeConfig.shared.ts index a6fca7a89ad59..75d10bd29fe8b 100644 --- a/clients/client-entityresolution/src/runtimeConfig.shared.ts +++ b/clients/client-entityresolution/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEntityResolutionHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { EntityResolutionClientConfig } from "./EntityResolutionClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EntityResolutionClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEntityResolutionHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "EntityResolution", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-entityresolution/src/runtimeExtensions.ts b/clients/client-entityresolution/src/runtimeExtensions.ts index 2b48ae5ab4bcf..bfdc27c4c0929 100644 --- a/clients/client-entityresolution/src/runtimeExtensions.ts +++ b/clients/client-entityresolution/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EntityResolutionExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-eventbridge/package.json b/clients/client-eventbridge/package.json index e5350f8f42f7e..767132b421fe1 100644 --- a/clients/client-eventbridge/package.json +++ b/clients/client-eventbridge/package.json @@ -55,7 +55,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-evidently/package.json b/clients/client-evidently/package.json index 8270dbeb18d04..b634cdaf8c358 100644 --- a/clients/client-evidently/package.json +++ b/clients/client-evidently/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-evidently/src/EvidentlyClient.ts b/clients/client-evidently/src/EvidentlyClient.ts index 800c4d4d15333..ea012e04f2902 100644 --- a/clients/client-evidently/src/EvidentlyClient.ts +++ b/clients/client-evidently/src/EvidentlyClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultEvidentlyHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchEvaluateFeatureCommandInput, BatchEvaluateFeatureCommandOutput, @@ -285,21 +290,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -338,8 +344,8 @@ export type EvidentlyClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -358,8 +364,8 @@ export type EvidentlyClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -399,8 +405,8 @@ export class EvidentlyClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -409,8 +415,14 @@ export class EvidentlyClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -421,4 +433,13 @@ export class EvidentlyClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultEvidentlyHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: EvidentlyClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-evidently/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-evidently/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5c4c9cf0309a1 --- /dev/null +++ b/clients/client-evidently/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { EvidentlyHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EvidentlyHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): EvidentlyHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: EvidentlyHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: EvidentlyHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): EvidentlyHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-evidently/src/auth/httpAuthSchemeProvider.ts b/clients/client-evidently/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0d783f3a698bd --- /dev/null +++ b/clients/client-evidently/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { EvidentlyClientConfig, EvidentlyClientResolvedConfig } from "../EvidentlyClient"; + +/** + * @internal + */ +export interface EvidentlyHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface EvidentlyHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + EvidentlyClientResolvedConfig, + HandlerExecutionContext, + EvidentlyHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultEvidentlyHttpAuthSchemeParametersProvider = async ( + config: EvidentlyClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: EvidentlyHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "evidently", + region: authParameters.region, + }, + propertiesExtractor: (config: EvidentlyClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface EvidentlyHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultEvidentlyHttpAuthSchemeProvider: EvidentlyHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: EvidentlyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: EvidentlyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-evidently/src/extensionConfiguration.ts b/clients/client-evidently/src/extensionConfiguration.ts index 7ee766439f051..455c35fe1743d 100644 --- a/clients/client-evidently/src/extensionConfiguration.ts +++ b/clients/client-evidently/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface EvidentlyExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-evidently/src/runtimeConfig.shared.ts b/clients/client-evidently/src/runtimeConfig.shared.ts index 21997cf6d9a91..b19a851daa091 100644 --- a/clients/client-evidently/src/runtimeConfig.shared.ts +++ b/clients/client-evidently/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultEvidentlyHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { EvidentlyClientConfig } from "./EvidentlyClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: EvidentlyClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultEvidentlyHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Evidently", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-evidently/src/runtimeExtensions.ts b/clients/client-evidently/src/runtimeExtensions.ts index bc0e15c8d51d0..0c4720d98f5d2 100644 --- a/clients/client-evidently/src/runtimeExtensions.ts +++ b/clients/client-evidently/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { EvidentlyExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-finspace-data/package.json b/clients/client-finspace-data/package.json index 3d092b07406a4..c6eb22591fa35 100644 --- a/clients/client-finspace-data/package.json +++ b/clients/client-finspace-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-finspace-data/src/FinspaceDataClient.ts b/clients/client-finspace-data/src/FinspaceDataClient.ts index fa8e6ee0d1f48..68e59fac832e5 100644 --- a/clients/client-finspace-data/src/FinspaceDataClient.ts +++ b/clients/client-finspace-data/src/FinspaceDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFinspaceDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateUserToPermissionGroupCommandInput, AssociateUserToPermissionGroupCommandOutput, @@ -279,21 +284,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -332,8 +338,8 @@ export type FinspaceDataClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -352,8 +358,8 @@ export type FinspaceDataClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -384,8 +390,8 @@ export class FinspaceDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -394,8 +400,14 @@ export class FinspaceDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -406,4 +418,13 @@ export class FinspaceDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFinspaceDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FinspaceDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-finspace-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-finspace-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0e797d69ea4c7 --- /dev/null +++ b/clients/client-finspace-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FinspaceDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FinspaceDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FinspaceDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FinspaceDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FinspaceDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FinspaceDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-finspace-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-finspace-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..562e1823a43a1 --- /dev/null +++ b/clients/client-finspace-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FinspaceDataClientConfig, FinspaceDataClientResolvedConfig } from "../FinspaceDataClient"; + +/** + * @internal + */ +export interface FinspaceDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FinspaceDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FinspaceDataClientResolvedConfig, + HandlerExecutionContext, + FinspaceDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFinspaceDataHttpAuthSchemeParametersProvider = async ( + config: FinspaceDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FinspaceDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "finspace-api", + region: authParameters.region, + }, + propertiesExtractor: (config: FinspaceDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FinspaceDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFinspaceDataHttpAuthSchemeProvider: FinspaceDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FinspaceDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FinspaceDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-finspace-data/src/extensionConfiguration.ts b/clients/client-finspace-data/src/extensionConfiguration.ts index f1b4e46077826..994ac578dfb04 100644 --- a/clients/client-finspace-data/src/extensionConfiguration.ts +++ b/clients/client-finspace-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FinspaceDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-finspace-data/src/runtimeConfig.shared.ts b/clients/client-finspace-data/src/runtimeConfig.shared.ts index 1b135d6e34293..2e73c79d6ff8b 100644 --- a/clients/client-finspace-data/src/runtimeConfig.shared.ts +++ b/clients/client-finspace-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFinspaceDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FinspaceDataClientConfig } from "./FinspaceDataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FinspaceDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFinspaceDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "finspace data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-finspace-data/src/runtimeExtensions.ts b/clients/client-finspace-data/src/runtimeExtensions.ts index 794efb30b2b7f..05efb7048d3c1 100644 --- a/clients/client-finspace-data/src/runtimeExtensions.ts +++ b/clients/client-finspace-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FinspaceDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-finspace/package.json b/clients/client-finspace/package.json index 703ced43a7a9f..433f3637ecb1d 100644 --- a/clients/client-finspace/package.json +++ b/clients/client-finspace/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-finspace/src/FinspaceClient.ts b/clients/client-finspace/src/FinspaceClient.ts index 5769e08f4c5bb..8be16e04e02ba 100644 --- a/clients/client-finspace/src/FinspaceClient.ts +++ b/clients/client-finspace/src/FinspaceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFinspaceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateEnvironmentCommandInput, CreateEnvironmentCommandOutput } from "./commands/CreateEnvironmentCommand"; import { CreateKxChangesetCommandInput, CreateKxChangesetCommandOutput } from "./commands/CreateKxChangesetCommand"; import { CreateKxClusterCommandInput, CreateKxClusterCommandOutput } from "./commands/CreateKxClusterCommand"; @@ -336,21 +341,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -389,8 +395,8 @@ export type FinspaceClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -409,8 +415,8 @@ export type FinspaceClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -441,8 +447,8 @@ export class FinspaceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -451,8 +457,14 @@ export class FinspaceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -463,4 +475,13 @@ export class FinspaceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFinspaceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FinspaceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-finspace/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-finspace/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..64673f28e5203 --- /dev/null +++ b/clients/client-finspace/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FinspaceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FinspaceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FinspaceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FinspaceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FinspaceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FinspaceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-finspace/src/auth/httpAuthSchemeProvider.ts b/clients/client-finspace/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..441b3f9eabaca --- /dev/null +++ b/clients/client-finspace/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FinspaceClientConfig, FinspaceClientResolvedConfig } from "../FinspaceClient"; + +/** + * @internal + */ +export interface FinspaceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FinspaceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FinspaceClientResolvedConfig, + HandlerExecutionContext, + FinspaceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFinspaceHttpAuthSchemeParametersProvider = async ( + config: FinspaceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FinspaceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "finspace", + region: authParameters.region, + }, + propertiesExtractor: (config: FinspaceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FinspaceHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFinspaceHttpAuthSchemeProvider: FinspaceHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FinspaceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FinspaceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-finspace/src/extensionConfiguration.ts b/clients/client-finspace/src/extensionConfiguration.ts index 85a314171959f..b4ccf3c26daf8 100644 --- a/clients/client-finspace/src/extensionConfiguration.ts +++ b/clients/client-finspace/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FinspaceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-finspace/src/runtimeConfig.shared.ts b/clients/client-finspace/src/runtimeConfig.shared.ts index 57aa1093dc36a..31b085c0cf881 100644 --- a/clients/client-finspace/src/runtimeConfig.shared.ts +++ b/clients/client-finspace/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFinspaceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FinspaceClientConfig } from "./FinspaceClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FinspaceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFinspaceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "finspace", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-finspace/src/runtimeExtensions.ts b/clients/client-finspace/src/runtimeExtensions.ts index 433a3063b2dee..dda2c2d432a42 100644 --- a/clients/client-finspace/src/runtimeExtensions.ts +++ b/clients/client-finspace/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FinspaceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-firehose/package.json b/clients/client-firehose/package.json index 16223f24b4b99..2972abc18e4e9 100644 --- a/clients/client-firehose/package.json +++ b/clients/client-firehose/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-firehose/src/FirehoseClient.ts b/clients/client-firehose/src/FirehoseClient.ts index 1a8adce18bf38..a8b14ab4d6982 100644 --- a/clients/client-firehose/src/FirehoseClient.ts +++ b/clients/client-firehose/src/FirehoseClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFirehoseHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDeliveryStreamCommandInput, CreateDeliveryStreamCommandOutput, @@ -216,21 +221,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -269,8 +275,8 @@ export type FirehoseClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -289,8 +295,8 @@ export type FirehoseClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -325,8 +331,8 @@ export class FirehoseClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -335,8 +341,14 @@ export class FirehoseClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -347,4 +359,13 @@ export class FirehoseClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFirehoseHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FirehoseClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-firehose/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-firehose/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..afc7611e0ca7d --- /dev/null +++ b/clients/client-firehose/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FirehoseHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FirehoseHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FirehoseHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FirehoseHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FirehoseHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FirehoseHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-firehose/src/auth/httpAuthSchemeProvider.ts b/clients/client-firehose/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..443c1dba71dc8 --- /dev/null +++ b/clients/client-firehose/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FirehoseClientConfig, FirehoseClientResolvedConfig } from "../FirehoseClient"; + +/** + * @internal + */ +export interface FirehoseHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FirehoseHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FirehoseClientResolvedConfig, + HandlerExecutionContext, + FirehoseHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFirehoseHttpAuthSchemeParametersProvider = async ( + config: FirehoseClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FirehoseHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "firehose", + region: authParameters.region, + }, + propertiesExtractor: (config: FirehoseClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FirehoseHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFirehoseHttpAuthSchemeProvider: FirehoseHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FirehoseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FirehoseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-firehose/src/extensionConfiguration.ts b/clients/client-firehose/src/extensionConfiguration.ts index 81c75098b05eb..af1f41901ca9c 100644 --- a/clients/client-firehose/src/extensionConfiguration.ts +++ b/clients/client-firehose/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FirehoseExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-firehose/src/runtimeConfig.shared.ts b/clients/client-firehose/src/runtimeConfig.shared.ts index 45c375ef1bfda..f3bb799df4605 100644 --- a/clients/client-firehose/src/runtimeConfig.shared.ts +++ b/clients/client-firehose/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFirehoseHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FirehoseClientConfig } from "./FirehoseClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FirehoseClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFirehoseHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Firehose", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-firehose/src/runtimeExtensions.ts b/clients/client-firehose/src/runtimeExtensions.ts index 308795c78f2cd..3daebe18c55cb 100644 --- a/clients/client-firehose/src/runtimeExtensions.ts +++ b/clients/client-firehose/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FirehoseExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-fis/package.json b/clients/client-fis/package.json index 16fafc4597aa2..d8bed91040872 100644 --- a/clients/client-fis/package.json +++ b/clients/client-fis/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-fis/src/FisClient.ts b/clients/client-fis/src/FisClient.ts index 9a60ae251af9f..3ce4f82bcb925 100644 --- a/clients/client-fis/src/FisClient.ts +++ b/clients/client-fis/src/FisClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFisHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateExperimentTemplateCommandInput, CreateExperimentTemplateCommandOutput, @@ -276,21 +281,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -329,8 +335,8 @@ export type FisClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -349,8 +355,8 @@ export type FisClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -382,8 +388,8 @@ export class FisClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -392,8 +398,14 @@ export class FisClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -404,4 +416,13 @@ export class FisClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFisHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FisClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-fis/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-fis/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..66d4a8afdc85f --- /dev/null +++ b/clients/client-fis/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FisHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FisHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FisHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FisHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FisHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FisHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-fis/src/auth/httpAuthSchemeProvider.ts b/clients/client-fis/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8aeeb52c57276 --- /dev/null +++ b/clients/client-fis/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FisClientConfig, FisClientResolvedConfig } from "../FisClient"; + +/** + * @internal + */ +export interface FisHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FisHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FisClientResolvedConfig, + HandlerExecutionContext, + FisHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFisHttpAuthSchemeParametersProvider = async ( + config: FisClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FisHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "fis", + region: authParameters.region, + }, + propertiesExtractor: (config: FisClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FisHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFisHttpAuthSchemeProvider: FisHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FisHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FisHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-fis/src/extensionConfiguration.ts b/clients/client-fis/src/extensionConfiguration.ts index 83c6e6c31c650..659fccef3dd6f 100644 --- a/clients/client-fis/src/extensionConfiguration.ts +++ b/clients/client-fis/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FisExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-fis/src/runtimeConfig.shared.ts b/clients/client-fis/src/runtimeConfig.shared.ts index 03add0dffa358..51d6139766c02 100644 --- a/clients/client-fis/src/runtimeConfig.shared.ts +++ b/clients/client-fis/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFisHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FisClientConfig } from "./FisClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FisClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFisHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "fis", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-fis/src/runtimeExtensions.ts b/clients/client-fis/src/runtimeExtensions.ts index 3e4c5ef1f57bd..7fcdebc5c1aac 100644 --- a/clients/client-fis/src/runtimeExtensions.ts +++ b/clients/client-fis/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FisExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-fms/package.json b/clients/client-fms/package.json index 77f6ac0fb9daa..440518fbe9494 100644 --- a/clients/client-fms/package.json +++ b/clients/client-fms/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-fms/src/FMSClient.ts b/clients/client-fms/src/FMSClient.ts index b400806cd5f77..86f3ebd883412 100644 --- a/clients/client-fms/src/FMSClient.ts +++ b/clients/client-fms/src/FMSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFMSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAdminAccountCommandInput, AssociateAdminAccountCommandOutput, @@ -345,21 +350,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -398,8 +404,8 @@ export type FMSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -418,8 +424,8 @@ export type FMSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -456,8 +462,8 @@ export class FMSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -466,8 +472,14 @@ export class FMSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -478,4 +490,13 @@ export class FMSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFMSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FMSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-fms/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-fms/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0df944d4f208e --- /dev/null +++ b/clients/client-fms/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FMSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FMSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FMSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FMSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FMSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FMSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-fms/src/auth/httpAuthSchemeProvider.ts b/clients/client-fms/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..09811448dc0f4 --- /dev/null +++ b/clients/client-fms/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FMSClientConfig, FMSClientResolvedConfig } from "../FMSClient"; + +/** + * @internal + */ +export interface FMSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FMSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FMSClientResolvedConfig, + HandlerExecutionContext, + FMSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFMSHttpAuthSchemeParametersProvider = async ( + config: FMSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FMSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "fms", + region: authParameters.region, + }, + propertiesExtractor: (config: FMSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FMSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFMSHttpAuthSchemeProvider: FMSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-fms/src/extensionConfiguration.ts b/clients/client-fms/src/extensionConfiguration.ts index 0b49883f5657e..138e660a58f59 100644 --- a/clients/client-fms/src/extensionConfiguration.ts +++ b/clients/client-fms/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FMSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-fms/src/runtimeConfig.shared.ts b/clients/client-fms/src/runtimeConfig.shared.ts index 5e9dd80edf9d1..a3e6514711837 100644 --- a/clients/client-fms/src/runtimeConfig.shared.ts +++ b/clients/client-fms/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFMSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FMSClientConfig } from "./FMSClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FMSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFMSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "FMS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-fms/src/runtimeExtensions.ts b/clients/client-fms/src/runtimeExtensions.ts index aa642bd17e3b8..8108d52b46b71 100644 --- a/clients/client-fms/src/runtimeExtensions.ts +++ b/clients/client-fms/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FMSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-forecast/package.json b/clients/client-forecast/package.json index 11ab9df43a5c5..368d1bf594a69 100644 --- a/clients/client-forecast/package.json +++ b/clients/client-forecast/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-forecast/src/ForecastClient.ts b/clients/client-forecast/src/ForecastClient.ts index 6776609fda949..8e0683b47af3c 100644 --- a/clients/client-forecast/src/ForecastClient.ts +++ b/clients/client-forecast/src/ForecastClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultForecastHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAutoPredictorCommandInput, CreateAutoPredictorCommandOutput, @@ -453,21 +458,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -506,8 +512,8 @@ export type ForecastClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -526,8 +532,8 @@ export type ForecastClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -558,8 +564,8 @@ export class ForecastClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -568,8 +574,14 @@ export class ForecastClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -580,4 +592,13 @@ export class ForecastClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultForecastHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ForecastClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-forecast/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-forecast/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1e9c6752eda06 --- /dev/null +++ b/clients/client-forecast/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ForecastHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ForecastHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ForecastHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ForecastHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ForecastHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ForecastHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-forecast/src/auth/httpAuthSchemeProvider.ts b/clients/client-forecast/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3f46c250a9265 --- /dev/null +++ b/clients/client-forecast/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ForecastClientConfig, ForecastClientResolvedConfig } from "../ForecastClient"; + +/** + * @internal + */ +export interface ForecastHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ForecastHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ForecastClientResolvedConfig, + HandlerExecutionContext, + ForecastHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultForecastHttpAuthSchemeParametersProvider = async ( + config: ForecastClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ForecastHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "forecast", + region: authParameters.region, + }, + propertiesExtractor: (config: ForecastClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ForecastHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultForecastHttpAuthSchemeProvider: ForecastHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ForecastHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ForecastHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-forecast/src/extensionConfiguration.ts b/clients/client-forecast/src/extensionConfiguration.ts index 5630f0ee2c206..852342f892ad7 100644 --- a/clients/client-forecast/src/extensionConfiguration.ts +++ b/clients/client-forecast/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ForecastExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-forecast/src/runtimeConfig.shared.ts b/clients/client-forecast/src/runtimeConfig.shared.ts index c94d976bc15b5..766024843e8c1 100644 --- a/clients/client-forecast/src/runtimeConfig.shared.ts +++ b/clients/client-forecast/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultForecastHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ForecastClientConfig } from "./ForecastClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ForecastClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultForecastHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "forecast", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-forecast/src/runtimeExtensions.ts b/clients/client-forecast/src/runtimeExtensions.ts index 04051fc9b71fc..65dfd62b969b5 100644 --- a/clients/client-forecast/src/runtimeExtensions.ts +++ b/clients/client-forecast/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ForecastExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-forecastquery/package.json b/clients/client-forecastquery/package.json index 99939df47127c..e50a3323d8944 100644 --- a/clients/client-forecastquery/package.json +++ b/clients/client-forecastquery/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-forecastquery/src/ForecastqueryClient.ts b/clients/client-forecastquery/src/ForecastqueryClient.ts index 93e9f6adb6339..3690766374058 100644 --- a/clients/client-forecastquery/src/ForecastqueryClient.ts +++ b/clients/client-forecastquery/src/ForecastqueryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultForecastqueryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { QueryForecastCommandInput, QueryForecastCommandOutput } from "./commands/QueryForecastCommand"; import { QueryWhatIfForecastCommandInput, @@ -161,21 +166,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -214,8 +220,8 @@ export type ForecastqueryClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -234,8 +240,8 @@ export type ForecastqueryClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -266,8 +272,8 @@ export class ForecastqueryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -276,8 +282,14 @@ export class ForecastqueryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -288,4 +300,13 @@ export class ForecastqueryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultForecastqueryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ForecastqueryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-forecastquery/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-forecastquery/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d6dac9a49c274 --- /dev/null +++ b/clients/client-forecastquery/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ForecastqueryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ForecastqueryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ForecastqueryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ForecastqueryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ForecastqueryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ForecastqueryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-forecastquery/src/auth/httpAuthSchemeProvider.ts b/clients/client-forecastquery/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..10da613978d22 --- /dev/null +++ b/clients/client-forecastquery/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ForecastqueryClientConfig, ForecastqueryClientResolvedConfig } from "../ForecastqueryClient"; + +/** + * @internal + */ +export interface ForecastqueryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ForecastqueryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ForecastqueryClientResolvedConfig, + HandlerExecutionContext, + ForecastqueryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultForecastqueryHttpAuthSchemeParametersProvider = async ( + config: ForecastqueryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ForecastqueryHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "forecast", + region: authParameters.region, + }, + propertiesExtractor: (config: ForecastqueryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ForecastqueryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultForecastqueryHttpAuthSchemeProvider: ForecastqueryHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ForecastqueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ForecastqueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-forecastquery/src/extensionConfiguration.ts b/clients/client-forecastquery/src/extensionConfiguration.ts index 56b796ecf0f8c..1941c627e605e 100644 --- a/clients/client-forecastquery/src/extensionConfiguration.ts +++ b/clients/client-forecastquery/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ForecastqueryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-forecastquery/src/runtimeConfig.shared.ts b/clients/client-forecastquery/src/runtimeConfig.shared.ts index 7242c41746ac6..cedb6291fb41f 100644 --- a/clients/client-forecastquery/src/runtimeConfig.shared.ts +++ b/clients/client-forecastquery/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultForecastqueryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ForecastqueryClientConfig } from "./ForecastqueryClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ForecastqueryClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultForecastqueryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "forecastquery", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-forecastquery/src/runtimeExtensions.ts b/clients/client-forecastquery/src/runtimeExtensions.ts index 28fa920a3a96b..e788241b13e46 100644 --- a/clients/client-forecastquery/src/runtimeExtensions.ts +++ b/clients/client-forecastquery/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ForecastqueryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-frauddetector/package.json b/clients/client-frauddetector/package.json index 3ee959c0b4d6f..9b6b2839d06c9 100644 --- a/clients/client-frauddetector/package.json +++ b/clients/client-frauddetector/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-frauddetector/src/FraudDetectorClient.ts b/clients/client-frauddetector/src/FraudDetectorClient.ts index d00341fe2880f..fd22506aa9ac2 100644 --- a/clients/client-frauddetector/src/FraudDetectorClient.ts +++ b/clients/client-frauddetector/src/FraudDetectorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFraudDetectorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreateVariableCommandInput, BatchCreateVariableCommandOutput, @@ -444,21 +449,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -497,8 +503,8 @@ export type FraudDetectorClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -517,8 +523,8 @@ export type FraudDetectorClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -558,8 +564,8 @@ export class FraudDetectorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -568,8 +574,14 @@ export class FraudDetectorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -580,4 +592,13 @@ export class FraudDetectorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFraudDetectorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FraudDetectorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-frauddetector/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-frauddetector/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5d8872571d4a8 --- /dev/null +++ b/clients/client-frauddetector/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FraudDetectorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FraudDetectorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FraudDetectorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FraudDetectorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FraudDetectorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FraudDetectorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-frauddetector/src/auth/httpAuthSchemeProvider.ts b/clients/client-frauddetector/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8d55890858300 --- /dev/null +++ b/clients/client-frauddetector/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FraudDetectorClientConfig, FraudDetectorClientResolvedConfig } from "../FraudDetectorClient"; + +/** + * @internal + */ +export interface FraudDetectorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FraudDetectorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FraudDetectorClientResolvedConfig, + HandlerExecutionContext, + FraudDetectorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFraudDetectorHttpAuthSchemeParametersProvider = async ( + config: FraudDetectorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FraudDetectorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "frauddetector", + region: authParameters.region, + }, + propertiesExtractor: (config: FraudDetectorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FraudDetectorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFraudDetectorHttpAuthSchemeProvider: FraudDetectorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FraudDetectorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FraudDetectorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-frauddetector/src/extensionConfiguration.ts b/clients/client-frauddetector/src/extensionConfiguration.ts index cfb6fac0073f8..9b1fad9e1e390 100644 --- a/clients/client-frauddetector/src/extensionConfiguration.ts +++ b/clients/client-frauddetector/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FraudDetectorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-frauddetector/src/runtimeConfig.shared.ts b/clients/client-frauddetector/src/runtimeConfig.shared.ts index b8ed00414e694..2a9b849bd6465 100644 --- a/clients/client-frauddetector/src/runtimeConfig.shared.ts +++ b/clients/client-frauddetector/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFraudDetectorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FraudDetectorClientConfig } from "./FraudDetectorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FraudDetectorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFraudDetectorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "FraudDetector", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-frauddetector/src/runtimeExtensions.ts b/clients/client-frauddetector/src/runtimeExtensions.ts index 0e8011f890d91..27033b829d644 100644 --- a/clients/client-frauddetector/src/runtimeExtensions.ts +++ b/clients/client-frauddetector/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FraudDetectorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-freetier/package.json b/clients/client-freetier/package.json index 2bd0318c7355d..a3ce6f3801f35 100644 --- a/clients/client-freetier/package.json +++ b/clients/client-freetier/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-freetier/src/FreeTierClient.ts b/clients/client-freetier/src/FreeTierClient.ts index a2898abb3f621..c876da08d38cb 100644 --- a/clients/client-freetier/src/FreeTierClient.ts +++ b/clients/client-freetier/src/FreeTierClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFreeTierHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetFreeTierUsageCommandInput, GetFreeTierUsageCommandOutput } from "./commands/GetFreeTierUsageCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type FreeTierClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type FreeTierClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -272,8 +278,8 @@ export class FreeTierClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -282,8 +288,14 @@ export class FreeTierClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -294,4 +306,13 @@ export class FreeTierClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFreeTierHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FreeTierClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-freetier/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-freetier/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..da7da911069e7 --- /dev/null +++ b/clients/client-freetier/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FreeTierHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FreeTierHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FreeTierHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FreeTierHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FreeTierHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FreeTierHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-freetier/src/auth/httpAuthSchemeProvider.ts b/clients/client-freetier/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7db671f392389 --- /dev/null +++ b/clients/client-freetier/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FreeTierClientConfig, FreeTierClientResolvedConfig } from "../FreeTierClient"; + +/** + * @internal + */ +export interface FreeTierHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FreeTierHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FreeTierClientResolvedConfig, + HandlerExecutionContext, + FreeTierHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFreeTierHttpAuthSchemeParametersProvider = async ( + config: FreeTierClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FreeTierHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "freetier", + region: authParameters.region, + }, + propertiesExtractor: (config: FreeTierClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FreeTierHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFreeTierHttpAuthSchemeProvider: FreeTierHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FreeTierHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FreeTierHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-freetier/src/extensionConfiguration.ts b/clients/client-freetier/src/extensionConfiguration.ts index 93e7b87360ccd..19f99c9b311fa 100644 --- a/clients/client-freetier/src/extensionConfiguration.ts +++ b/clients/client-freetier/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FreeTierExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-freetier/src/runtimeConfig.shared.ts b/clients/client-freetier/src/runtimeConfig.shared.ts index c7768d4a7119e..f694cbc89cc99 100644 --- a/clients/client-freetier/src/runtimeConfig.shared.ts +++ b/clients/client-freetier/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFreeTierHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FreeTierClientConfig } from "./FreeTierClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FreeTierClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFreeTierHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "FreeTier", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-freetier/src/runtimeExtensions.ts b/clients/client-freetier/src/runtimeExtensions.ts index 605e3729b1948..090a354f0a402 100644 --- a/clients/client-freetier/src/runtimeExtensions.ts +++ b/clients/client-freetier/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FreeTierExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-fsx/package.json b/clients/client-fsx/package.json index 055e449cb1909..4fdf06108a467 100644 --- a/clients/client-fsx/package.json +++ b/clients/client-fsx/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-fsx/src/FSxClient.ts b/clients/client-fsx/src/FSxClient.ts index 293b5085c60f1..14e4603c0328e 100644 --- a/clients/client-fsx/src/FSxClient.ts +++ b/clients/client-fsx/src/FSxClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultFSxHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateFileSystemAliasesCommandInput, AssociateFileSystemAliasesCommandOutput, @@ -363,21 +368,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -416,8 +422,8 @@ export type FSxClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -436,8 +442,8 @@ export type FSxClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -469,8 +475,8 @@ export class FSxClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -479,8 +485,14 @@ export class FSxClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -491,4 +503,13 @@ export class FSxClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultFSxHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: FSxClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-fsx/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-fsx/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c06ca1fb278ca --- /dev/null +++ b/clients/client-fsx/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { FSxHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FSxHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): FSxHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: FSxHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: FSxHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): FSxHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-fsx/src/auth/httpAuthSchemeProvider.ts b/clients/client-fsx/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6dcd58085fbac --- /dev/null +++ b/clients/client-fsx/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { FSxClientConfig, FSxClientResolvedConfig } from "../FSxClient"; + +/** + * @internal + */ +export interface FSxHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface FSxHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + FSxClientResolvedConfig, + HandlerExecutionContext, + FSxHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultFSxHttpAuthSchemeParametersProvider = async ( + config: FSxClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: FSxHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "fsx", + region: authParameters.region, + }, + propertiesExtractor: (config: FSxClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface FSxHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultFSxHttpAuthSchemeProvider: FSxHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: FSxHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: FSxHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-fsx/src/extensionConfiguration.ts b/clients/client-fsx/src/extensionConfiguration.ts index bf436f398bda3..7b786f6160043 100644 --- a/clients/client-fsx/src/extensionConfiguration.ts +++ b/clients/client-fsx/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface FSxExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-fsx/src/runtimeConfig.shared.ts b/clients/client-fsx/src/runtimeConfig.shared.ts index 85649f3fea41b..41cea44dee0e7 100644 --- a/clients/client-fsx/src/runtimeConfig.shared.ts +++ b/clients/client-fsx/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultFSxHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { FSxClientConfig } from "./FSxClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: FSxClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultFSxHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "FSx", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-fsx/src/runtimeExtensions.ts b/clients/client-fsx/src/runtimeExtensions.ts index 4d2735034dc92..04408e59fb5b7 100644 --- a/clients/client-fsx/src/runtimeExtensions.ts +++ b/clients/client-fsx/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { FSxExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-gamelift/package.json b/clients/client-gamelift/package.json index 4f0f5916b3cbd..c6d0c4ccd53af 100644 --- a/clients/client-gamelift/package.json +++ b/clients/client-gamelift/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-gamelift/src/GameLiftClient.ts b/clients/client-gamelift/src/GameLiftClient.ts index f017f86410f7d..9c5984133d0de 100644 --- a/clients/client-gamelift/src/GameLiftClient.ts +++ b/clients/client-gamelift/src/GameLiftClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGameLiftHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptMatchCommandInput, AcceptMatchCommandOutput } from "./commands/AcceptMatchCommand"; import { ClaimGameServerCommandInput, ClaimGameServerCommandOutput } from "./commands/ClaimGameServerCommand"; import { CreateAliasCommandInput, CreateAliasCommandOutput } from "./commands/CreateAliasCommand"; @@ -642,21 +647,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -695,8 +701,8 @@ export type GameLiftClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -715,8 +721,8 @@ export type GameLiftClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -804,8 +810,8 @@ export class GameLiftClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -814,8 +820,14 @@ export class GameLiftClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -826,4 +838,13 @@ export class GameLiftClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGameLiftHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GameLiftClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-gamelift/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-gamelift/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0391bbe036229 --- /dev/null +++ b/clients/client-gamelift/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GameLiftHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GameLiftHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GameLiftHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GameLiftHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GameLiftHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GameLiftHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-gamelift/src/auth/httpAuthSchemeProvider.ts b/clients/client-gamelift/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..154d9e6b6b19b --- /dev/null +++ b/clients/client-gamelift/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GameLiftClientConfig, GameLiftClientResolvedConfig } from "../GameLiftClient"; + +/** + * @internal + */ +export interface GameLiftHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GameLiftHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GameLiftClientResolvedConfig, + HandlerExecutionContext, + GameLiftHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGameLiftHttpAuthSchemeParametersProvider = async ( + config: GameLiftClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GameLiftHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "gamelift", + region: authParameters.region, + }, + propertiesExtractor: (config: GameLiftClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GameLiftHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGameLiftHttpAuthSchemeProvider: GameLiftHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GameLiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GameLiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-gamelift/src/extensionConfiguration.ts b/clients/client-gamelift/src/extensionConfiguration.ts index f3040d0c392c7..cfdeb310ce94b 100644 --- a/clients/client-gamelift/src/extensionConfiguration.ts +++ b/clients/client-gamelift/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GameLiftExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-gamelift/src/runtimeConfig.shared.ts b/clients/client-gamelift/src/runtimeConfig.shared.ts index de7d7777b516e..d090e1309ec0e 100644 --- a/clients/client-gamelift/src/runtimeConfig.shared.ts +++ b/clients/client-gamelift/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGameLiftHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GameLiftClientConfig } from "./GameLiftClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GameLiftClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGameLiftHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "GameLift", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-gamelift/src/runtimeExtensions.ts b/clients/client-gamelift/src/runtimeExtensions.ts index eeace4de0b81b..21f9d93559c3e 100644 --- a/clients/client-gamelift/src/runtimeExtensions.ts +++ b/clients/client-gamelift/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GameLiftExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-glacier/package.json b/clients/client-glacier/package.json index dc140c07b7e81..540d37d1803e0 100644 --- a/clients/client-glacier/package.json +++ b/clients/client-glacier/package.json @@ -36,7 +36,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -55,7 +55,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-global-accelerator/package.json b/clients/client-global-accelerator/package.json index cfe78ad542523..a478a9539e0ac 100644 --- a/clients/client-global-accelerator/package.json +++ b/clients/client-global-accelerator/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-global-accelerator/src/GlobalAcceleratorClient.ts b/clients/client-global-accelerator/src/GlobalAcceleratorClient.ts index 573a63aa2fe87..8462de15327a7 100644 --- a/clients/client-global-accelerator/src/GlobalAcceleratorClient.ts +++ b/clients/client-global-accelerator/src/GlobalAcceleratorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGlobalAcceleratorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddCustomRoutingEndpointsCommandInput, AddCustomRoutingEndpointsCommandOutput, @@ -438,21 +443,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -491,8 +497,8 @@ export type GlobalAcceleratorClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -511,8 +517,8 @@ export type GlobalAcceleratorClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -590,8 +596,8 @@ export class GlobalAcceleratorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -600,8 +606,14 @@ export class GlobalAcceleratorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -612,4 +624,13 @@ export class GlobalAcceleratorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGlobalAcceleratorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GlobalAcceleratorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-global-accelerator/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-global-accelerator/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..54c8e1e08553e --- /dev/null +++ b/clients/client-global-accelerator/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GlobalAcceleratorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GlobalAcceleratorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GlobalAcceleratorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GlobalAcceleratorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GlobalAcceleratorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GlobalAcceleratorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-global-accelerator/src/auth/httpAuthSchemeProvider.ts b/clients/client-global-accelerator/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1dc77850cd978 --- /dev/null +++ b/clients/client-global-accelerator/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GlobalAcceleratorClientConfig, GlobalAcceleratorClientResolvedConfig } from "../GlobalAcceleratorClient"; + +/** + * @internal + */ +export interface GlobalAcceleratorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GlobalAcceleratorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GlobalAcceleratorClientResolvedConfig, + HandlerExecutionContext, + GlobalAcceleratorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGlobalAcceleratorHttpAuthSchemeParametersProvider = async ( + config: GlobalAcceleratorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GlobalAcceleratorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "globalaccelerator", + region: authParameters.region, + }, + propertiesExtractor: (config: GlobalAcceleratorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GlobalAcceleratorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGlobalAcceleratorHttpAuthSchemeProvider: GlobalAcceleratorHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GlobalAcceleratorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GlobalAcceleratorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-global-accelerator/src/extensionConfiguration.ts b/clients/client-global-accelerator/src/extensionConfiguration.ts index 2aa525fa7dfb1..4f64b08814af2 100644 --- a/clients/client-global-accelerator/src/extensionConfiguration.ts +++ b/clients/client-global-accelerator/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GlobalAcceleratorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-global-accelerator/src/runtimeConfig.shared.ts b/clients/client-global-accelerator/src/runtimeConfig.shared.ts index 005edf76112b8..8f2d75e0ed1ca 100644 --- a/clients/client-global-accelerator/src/runtimeConfig.shared.ts +++ b/clients/client-global-accelerator/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGlobalAcceleratorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GlobalAcceleratorClientConfig } from "./GlobalAcceleratorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GlobalAcceleratorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGlobalAcceleratorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Global Accelerator", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-global-accelerator/src/runtimeExtensions.ts b/clients/client-global-accelerator/src/runtimeExtensions.ts index 6208daeeccf03..c8359dbe1268a 100644 --- a/clients/client-global-accelerator/src/runtimeExtensions.ts +++ b/clients/client-global-accelerator/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GlobalAcceleratorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-glue/package.json b/clients/client-glue/package.json index f61864de64bda..3ee12bc4146bf 100644 --- a/clients/client-glue/package.json +++ b/clients/client-glue/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-glue/src/GlueClient.ts b/clients/client-glue/src/GlueClient.ts index b84e3699ef5ac..04bc7f1cce5ee 100644 --- a/clients/client-glue/src/GlueClient.ts +++ b/clients/client-glue/src/GlueClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGlueHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreatePartitionCommandInput, BatchCreatePartitionCommandOutput, @@ -1044,21 +1049,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1097,8 +1103,8 @@ export type GlueClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1117,8 +1123,8 @@ export type GlueClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1150,8 +1156,8 @@ export class GlueClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1160,8 +1166,14 @@ export class GlueClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1172,4 +1184,13 @@ export class GlueClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGlueHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GlueClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-glue/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-glue/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a94f8604a0d62 --- /dev/null +++ b/clients/client-glue/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GlueHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GlueHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GlueHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GlueHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GlueHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GlueHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-glue/src/auth/httpAuthSchemeProvider.ts b/clients/client-glue/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..09286daee8564 --- /dev/null +++ b/clients/client-glue/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GlueClientConfig, GlueClientResolvedConfig } from "../GlueClient"; + +/** + * @internal + */ +export interface GlueHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GlueHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GlueClientResolvedConfig, + HandlerExecutionContext, + GlueHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGlueHttpAuthSchemeParametersProvider = async ( + config: GlueClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GlueHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "glue", + region: authParameters.region, + }, + propertiesExtractor: (config: GlueClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GlueHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGlueHttpAuthSchemeProvider: GlueHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GlueHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GlueHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-glue/src/extensionConfiguration.ts b/clients/client-glue/src/extensionConfiguration.ts index e33af44447ef7..ec7fa063ad96a 100644 --- a/clients/client-glue/src/extensionConfiguration.ts +++ b/clients/client-glue/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GlueExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-glue/src/runtimeConfig.shared.ts b/clients/client-glue/src/runtimeConfig.shared.ts index 30d9c3280f86d..2fe41237df935 100644 --- a/clients/client-glue/src/runtimeConfig.shared.ts +++ b/clients/client-glue/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGlueHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GlueClientConfig } from "./GlueClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GlueClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGlueHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Glue", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-glue/src/runtimeExtensions.ts b/clients/client-glue/src/runtimeExtensions.ts index 97cedeaee6f5b..9b12f6ad683aa 100644 --- a/clients/client-glue/src/runtimeExtensions.ts +++ b/clients/client-glue/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GlueExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-grafana/package.json b/clients/client-grafana/package.json index c7ead7f3fe8fd..918a63672ca15 100644 --- a/clients/client-grafana/package.json +++ b/clients/client-grafana/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-grafana/src/GrafanaClient.ts b/clients/client-grafana/src/GrafanaClient.ts index 97e788b31e03c..2db14b5d5f17e 100644 --- a/clients/client-grafana/src/GrafanaClient.ts +++ b/clients/client-grafana/src/GrafanaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGrafanaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateLicenseCommandInput, AssociateLicenseCommandOutput } from "./commands/AssociateLicenseCommand"; import { CreateWorkspaceApiKeyCommandInput, @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type GrafanaClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type GrafanaClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -350,8 +356,8 @@ export class GrafanaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -360,8 +366,14 @@ export class GrafanaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -372,4 +384,13 @@ export class GrafanaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGrafanaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GrafanaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-grafana/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-grafana/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c91b182bfba6c --- /dev/null +++ b/clients/client-grafana/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GrafanaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GrafanaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GrafanaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GrafanaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GrafanaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GrafanaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-grafana/src/auth/httpAuthSchemeProvider.ts b/clients/client-grafana/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..62c1d8ede32ec --- /dev/null +++ b/clients/client-grafana/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GrafanaClientConfig, GrafanaClientResolvedConfig } from "../GrafanaClient"; + +/** + * @internal + */ +export interface GrafanaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GrafanaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GrafanaClientResolvedConfig, + HandlerExecutionContext, + GrafanaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGrafanaHttpAuthSchemeParametersProvider = async ( + config: GrafanaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GrafanaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "grafana", + region: authParameters.region, + }, + propertiesExtractor: (config: GrafanaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GrafanaHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGrafanaHttpAuthSchemeProvider: GrafanaHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GrafanaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GrafanaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-grafana/src/extensionConfiguration.ts b/clients/client-grafana/src/extensionConfiguration.ts index f7ae88d386d56..f4f0aaa6b64df 100644 --- a/clients/client-grafana/src/extensionConfiguration.ts +++ b/clients/client-grafana/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GrafanaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-grafana/src/runtimeConfig.shared.ts b/clients/client-grafana/src/runtimeConfig.shared.ts index 3a6d4884940dd..e136460075271 100644 --- a/clients/client-grafana/src/runtimeConfig.shared.ts +++ b/clients/client-grafana/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGrafanaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GrafanaClientConfig } from "./GrafanaClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GrafanaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGrafanaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "grafana", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-grafana/src/runtimeExtensions.ts b/clients/client-grafana/src/runtimeExtensions.ts index 10adf5a6a0ea7..252be1e0b6729 100644 --- a/clients/client-grafana/src/runtimeExtensions.ts +++ b/clients/client-grafana/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GrafanaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-greengrass/package.json b/clients/client-greengrass/package.json index 5e5bec8ecc031..a85f29d88e65d 100644 --- a/clients/client-greengrass/package.json +++ b/clients/client-greengrass/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-greengrass/src/GreengrassClient.ts b/clients/client-greengrass/src/GreengrassClient.ts index 3856c24b5aa6f..3603738cf0f84 100644 --- a/clients/client-greengrass/src/GreengrassClient.ts +++ b/clients/client-greengrass/src/GreengrassClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGreengrassHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateRoleToGroupCommandInput, AssociateRoleToGroupCommandOutput, @@ -660,21 +665,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -713,8 +719,8 @@ export type GreengrassClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -733,8 +739,8 @@ export type GreengrassClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -765,8 +771,8 @@ export class GreengrassClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -775,8 +781,14 @@ export class GreengrassClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -787,4 +799,13 @@ export class GreengrassClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGreengrassHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GreengrassClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-greengrass/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-greengrass/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4a72b429f8c59 --- /dev/null +++ b/clients/client-greengrass/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GreengrassHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GreengrassHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GreengrassHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GreengrassHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GreengrassHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GreengrassHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-greengrass/src/auth/httpAuthSchemeProvider.ts b/clients/client-greengrass/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e19e6fef4f5b2 --- /dev/null +++ b/clients/client-greengrass/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GreengrassClientConfig, GreengrassClientResolvedConfig } from "../GreengrassClient"; + +/** + * @internal + */ +export interface GreengrassHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GreengrassHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GreengrassClientResolvedConfig, + HandlerExecutionContext, + GreengrassHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGreengrassHttpAuthSchemeParametersProvider = async ( + config: GreengrassClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GreengrassHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "greengrass", + region: authParameters.region, + }, + propertiesExtractor: (config: GreengrassClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GreengrassHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGreengrassHttpAuthSchemeProvider: GreengrassHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GreengrassHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GreengrassHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-greengrass/src/extensionConfiguration.ts b/clients/client-greengrass/src/extensionConfiguration.ts index 7c21483bfde6d..47fae23408d8a 100644 --- a/clients/client-greengrass/src/extensionConfiguration.ts +++ b/clients/client-greengrass/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GreengrassExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-greengrass/src/runtimeConfig.shared.ts b/clients/client-greengrass/src/runtimeConfig.shared.ts index 7b14f1b67870c..5bbc14f6f88cf 100644 --- a/clients/client-greengrass/src/runtimeConfig.shared.ts +++ b/clients/client-greengrass/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGreengrassHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GreengrassClientConfig } from "./GreengrassClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GreengrassClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGreengrassHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Greengrass", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-greengrass/src/runtimeExtensions.ts b/clients/client-greengrass/src/runtimeExtensions.ts index 8c7cee73b77ab..defedc158f537 100644 --- a/clients/client-greengrass/src/runtimeExtensions.ts +++ b/clients/client-greengrass/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GreengrassExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-greengrassv2/package.json b/clients/client-greengrassv2/package.json index 3f3c1aaa441b4..9122c606efe1e 100644 --- a/clients/client-greengrassv2/package.json +++ b/clients/client-greengrassv2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-greengrassv2/src/GreengrassV2Client.ts b/clients/client-greengrassv2/src/GreengrassV2Client.ts index 19538e2a5d7a2..2af23b4d46956 100644 --- a/clients/client-greengrassv2/src/GreengrassV2Client.ts +++ b/clients/client-greengrassv2/src/GreengrassV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGreengrassV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateServiceRoleToAccountCommandInput, AssociateServiceRoleToAccountCommandOutput, @@ -288,21 +293,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -341,8 +347,8 @@ export type GreengrassV2ClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -361,8 +367,8 @@ export type GreengrassV2ClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -403,8 +409,8 @@ export class GreengrassV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -413,8 +419,14 @@ export class GreengrassV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -425,4 +437,13 @@ export class GreengrassV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGreengrassV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GreengrassV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-greengrassv2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-greengrassv2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d8e9f0a59f861 --- /dev/null +++ b/clients/client-greengrassv2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GreengrassV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GreengrassV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GreengrassV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GreengrassV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GreengrassV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GreengrassV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-greengrassv2/src/auth/httpAuthSchemeProvider.ts b/clients/client-greengrassv2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4a28e82db2266 --- /dev/null +++ b/clients/client-greengrassv2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GreengrassV2ClientConfig, GreengrassV2ClientResolvedConfig } from "../GreengrassV2Client"; + +/** + * @internal + */ +export interface GreengrassV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GreengrassV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GreengrassV2ClientResolvedConfig, + HandlerExecutionContext, + GreengrassV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGreengrassV2HttpAuthSchemeParametersProvider = async ( + config: GreengrassV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GreengrassV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "greengrass", + region: authParameters.region, + }, + propertiesExtractor: (config: GreengrassV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GreengrassV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGreengrassV2HttpAuthSchemeProvider: GreengrassV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GreengrassV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GreengrassV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-greengrassv2/src/extensionConfiguration.ts b/clients/client-greengrassv2/src/extensionConfiguration.ts index f2bd1edd698f2..63a5da10df122 100644 --- a/clients/client-greengrassv2/src/extensionConfiguration.ts +++ b/clients/client-greengrassv2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GreengrassV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-greengrassv2/src/runtimeConfig.shared.ts b/clients/client-greengrassv2/src/runtimeConfig.shared.ts index 246442ef59bb7..d3bc16650ec13 100644 --- a/clients/client-greengrassv2/src/runtimeConfig.shared.ts +++ b/clients/client-greengrassv2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGreengrassV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GreengrassV2ClientConfig } from "./GreengrassV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GreengrassV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGreengrassV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "GreengrassV2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-greengrassv2/src/runtimeExtensions.ts b/clients/client-greengrassv2/src/runtimeExtensions.ts index ee517837626e7..92f0dcb8786c7 100644 --- a/clients/client-greengrassv2/src/runtimeExtensions.ts +++ b/clients/client-greengrassv2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GreengrassV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-groundstation/package.json b/clients/client-groundstation/package.json index 34ed7a43c442c..24b5558680b59 100644 --- a/clients/client-groundstation/package.json +++ b/clients/client-groundstation/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-groundstation/src/GroundStationClient.ts b/clients/client-groundstation/src/GroundStationClient.ts index 0fdd7bb99a5c3..677617eaa51f1 100644 --- a/clients/client-groundstation/src/GroundStationClient.ts +++ b/clients/client-groundstation/src/GroundStationClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGroundStationHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelContactCommandInput, CancelContactCommandOutput } from "./commands/CancelContactCommand"; import { CreateConfigCommandInput, CreateConfigCommandOutput } from "./commands/CreateConfigCommand"; import { @@ -285,21 +290,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -338,8 +344,8 @@ export type GroundStationClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -358,8 +364,8 @@ export type GroundStationClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -393,8 +399,8 @@ export class GroundStationClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -403,8 +409,14 @@ export class GroundStationClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -415,4 +427,13 @@ export class GroundStationClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGroundStationHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GroundStationClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-groundstation/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-groundstation/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..61858218a4600 --- /dev/null +++ b/clients/client-groundstation/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GroundStationHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GroundStationHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GroundStationHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GroundStationHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GroundStationHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GroundStationHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-groundstation/src/auth/httpAuthSchemeProvider.ts b/clients/client-groundstation/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d044b7df00a43 --- /dev/null +++ b/clients/client-groundstation/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GroundStationClientConfig, GroundStationClientResolvedConfig } from "../GroundStationClient"; + +/** + * @internal + */ +export interface GroundStationHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GroundStationHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GroundStationClientResolvedConfig, + HandlerExecutionContext, + GroundStationHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGroundStationHttpAuthSchemeParametersProvider = async ( + config: GroundStationClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GroundStationHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "groundstation", + region: authParameters.region, + }, + propertiesExtractor: (config: GroundStationClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GroundStationHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGroundStationHttpAuthSchemeProvider: GroundStationHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GroundStationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GroundStationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-groundstation/src/extensionConfiguration.ts b/clients/client-groundstation/src/extensionConfiguration.ts index a4afdbe0f76f2..db8e860d6f21f 100644 --- a/clients/client-groundstation/src/extensionConfiguration.ts +++ b/clients/client-groundstation/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GroundStationExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-groundstation/src/runtimeConfig.shared.ts b/clients/client-groundstation/src/runtimeConfig.shared.ts index 2b3026dc79f2d..e4b8af486390d 100644 --- a/clients/client-groundstation/src/runtimeConfig.shared.ts +++ b/clients/client-groundstation/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGroundStationHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GroundStationClientConfig } from "./GroundStationClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GroundStationClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGroundStationHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "GroundStation", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-groundstation/src/runtimeExtensions.ts b/clients/client-groundstation/src/runtimeExtensions.ts index 79cd2581aed56..d4be598f0556c 100644 --- a/clients/client-groundstation/src/runtimeExtensions.ts +++ b/clients/client-groundstation/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GroundStationExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-guardduty/package.json b/clients/client-guardduty/package.json index 9af32dcda0ab2..0e632ca7812eb 100644 --- a/clients/client-guardduty/package.json +++ b/clients/client-guardduty/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-guardduty/src/GuardDutyClient.ts b/clients/client-guardduty/src/GuardDutyClient.ts index 173f9f6d25aa3..2e46761e38938 100644 --- a/clients/client-guardduty/src/GuardDutyClient.ts +++ b/clients/client-guardduty/src/GuardDutyClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultGuardDutyHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptAdministratorInvitationCommandInput, AcceptAdministratorInvitationCommandOutput, @@ -462,21 +467,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -515,8 +521,8 @@ export type GuardDutyClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -535,8 +541,8 @@ export type GuardDutyClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -586,8 +592,8 @@ export class GuardDutyClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -596,8 +602,14 @@ export class GuardDutyClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -608,4 +620,13 @@ export class GuardDutyClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultGuardDutyHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: GuardDutyClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-guardduty/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-guardduty/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..16e5fcaf1401d --- /dev/null +++ b/clients/client-guardduty/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { GuardDutyHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GuardDutyHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): GuardDutyHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: GuardDutyHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: GuardDutyHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): GuardDutyHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-guardduty/src/auth/httpAuthSchemeProvider.ts b/clients/client-guardduty/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b8a8659bd41e1 --- /dev/null +++ b/clients/client-guardduty/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { GuardDutyClientConfig, GuardDutyClientResolvedConfig } from "../GuardDutyClient"; + +/** + * @internal + */ +export interface GuardDutyHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface GuardDutyHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + GuardDutyClientResolvedConfig, + HandlerExecutionContext, + GuardDutyHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultGuardDutyHttpAuthSchemeParametersProvider = async ( + config: GuardDutyClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: GuardDutyHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "guardduty", + region: authParameters.region, + }, + propertiesExtractor: (config: GuardDutyClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface GuardDutyHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultGuardDutyHttpAuthSchemeProvider: GuardDutyHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: GuardDutyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: GuardDutyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-guardduty/src/extensionConfiguration.ts b/clients/client-guardduty/src/extensionConfiguration.ts index 6329d997be2b7..f4ba98c2471d6 100644 --- a/clients/client-guardduty/src/extensionConfiguration.ts +++ b/clients/client-guardduty/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface GuardDutyExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-guardduty/src/runtimeConfig.shared.ts b/clients/client-guardduty/src/runtimeConfig.shared.ts index 491880cdcae07..66caceda48c0e 100644 --- a/clients/client-guardduty/src/runtimeConfig.shared.ts +++ b/clients/client-guardduty/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultGuardDutyHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { GuardDutyClientConfig } from "./GuardDutyClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: GuardDutyClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultGuardDutyHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "GuardDuty", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-guardduty/src/runtimeExtensions.ts b/clients/client-guardduty/src/runtimeExtensions.ts index e1e6c5351979b..724b2dac4e9a4 100644 --- a/clients/client-guardduty/src/runtimeExtensions.ts +++ b/clients/client-guardduty/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { GuardDutyExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-health/package.json b/clients/client-health/package.json index 8f99010799b40..bec741bf77dee 100644 --- a/clients/client-health/package.json +++ b/clients/client-health/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-health/src/HealthClient.ts b/clients/client-health/src/HealthClient.ts index f64a5f12a6b70..23940e8963f2c 100644 --- a/clients/client-health/src/HealthClient.ts +++ b/clients/client-health/src/HealthClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultHealthHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeAffectedAccountsForOrganizationCommandInput, DescribeAffectedAccountsForOrganizationCommandOutput, @@ -234,21 +239,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -287,8 +293,8 @@ export type HealthClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export type HealthClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -381,8 +387,8 @@ export class HealthClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -391,8 +397,14 @@ export class HealthClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -403,4 +415,13 @@ export class HealthClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultHealthHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: HealthClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-health/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-health/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..63de10d8995fc --- /dev/null +++ b/clients/client-health/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { HealthHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HealthHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): HealthHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: HealthHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HealthHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): HealthHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-health/src/auth/httpAuthSchemeProvider.ts b/clients/client-health/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dc4b62d9f857e --- /dev/null +++ b/clients/client-health/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { HealthClientConfig, HealthClientResolvedConfig } from "../HealthClient"; + +/** + * @internal + */ +export interface HealthHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface HealthHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + HealthClientResolvedConfig, + HandlerExecutionContext, + HealthHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultHealthHttpAuthSchemeParametersProvider = async ( + config: HealthClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: HealthHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "health", + region: authParameters.region, + }, + propertiesExtractor: (config: HealthClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface HealthHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultHealthHttpAuthSchemeProvider: HealthHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: HealthHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: HealthHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-health/src/extensionConfiguration.ts b/clients/client-health/src/extensionConfiguration.ts index 96834842e4344..ead5ab21b2fee 100644 --- a/clients/client-health/src/extensionConfiguration.ts +++ b/clients/client-health/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface HealthExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-health/src/runtimeConfig.shared.ts b/clients/client-health/src/runtimeConfig.shared.ts index 541adcb3dca03..764c83380ed84 100644 --- a/clients/client-health/src/runtimeConfig.shared.ts +++ b/clients/client-health/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultHealthHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { HealthClientConfig } from "./HealthClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: HealthClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultHealthHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Health", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-health/src/runtimeExtensions.ts b/clients/client-health/src/runtimeExtensions.ts index 447e3fe5a8138..96a9ec76215cd 100644 --- a/clients/client-health/src/runtimeExtensions.ts +++ b/clients/client-health/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { HealthExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-healthlake/package.json b/clients/client-healthlake/package.json index 599f8bb1dfbd0..7aa98624d1ab8 100644 --- a/clients/client-healthlake/package.json +++ b/clients/client-healthlake/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-healthlake/src/HealthLakeClient.ts b/clients/client-healthlake/src/HealthLakeClient.ts index cefb0adf3148a..1f298dcb0500c 100644 --- a/clients/client-healthlake/src/HealthLakeClient.ts +++ b/clients/client-healthlake/src/HealthLakeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultHealthLakeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateFHIRDatastoreCommandInput, CreateFHIRDatastoreCommandOutput, @@ -213,21 +218,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -266,8 +272,8 @@ export type HealthLakeClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -286,8 +292,8 @@ export type HealthLakeClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -319,8 +325,8 @@ export class HealthLakeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -329,8 +335,14 @@ export class HealthLakeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -341,4 +353,13 @@ export class HealthLakeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultHealthLakeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: HealthLakeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-healthlake/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-healthlake/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7e8cae7c00d77 --- /dev/null +++ b/clients/client-healthlake/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { HealthLakeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HealthLakeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): HealthLakeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: HealthLakeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HealthLakeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): HealthLakeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-healthlake/src/auth/httpAuthSchemeProvider.ts b/clients/client-healthlake/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..653ffc5acf9b7 --- /dev/null +++ b/clients/client-healthlake/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { HealthLakeClientConfig, HealthLakeClientResolvedConfig } from "../HealthLakeClient"; + +/** + * @internal + */ +export interface HealthLakeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface HealthLakeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + HealthLakeClientResolvedConfig, + HandlerExecutionContext, + HealthLakeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultHealthLakeHttpAuthSchemeParametersProvider = async ( + config: HealthLakeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: HealthLakeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "healthlake", + region: authParameters.region, + }, + propertiesExtractor: (config: HealthLakeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface HealthLakeHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultHealthLakeHttpAuthSchemeProvider: HealthLakeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: HealthLakeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: HealthLakeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-healthlake/src/extensionConfiguration.ts b/clients/client-healthlake/src/extensionConfiguration.ts index 5eab1cdb741e4..7ff39832e9b54 100644 --- a/clients/client-healthlake/src/extensionConfiguration.ts +++ b/clients/client-healthlake/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface HealthLakeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-healthlake/src/runtimeConfig.shared.ts b/clients/client-healthlake/src/runtimeConfig.shared.ts index 1279b5e4abf45..efa7d79e3e1eb 100644 --- a/clients/client-healthlake/src/runtimeConfig.shared.ts +++ b/clients/client-healthlake/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultHealthLakeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { HealthLakeClientConfig } from "./HealthLakeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: HealthLakeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultHealthLakeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "HealthLake", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-healthlake/src/runtimeExtensions.ts b/clients/client-healthlake/src/runtimeExtensions.ts index f6898ddf7a63c..7e6e7d6ac7c2e 100644 --- a/clients/client-healthlake/src/runtimeExtensions.ts +++ b/clients/client-healthlake/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { HealthLakeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-honeycode/package.json b/clients/client-honeycode/package.json index cfc6ff21fd22a..58479f696906e 100644 --- a/clients/client-honeycode/package.json +++ b/clients/client-honeycode/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-honeycode/src/HoneycodeClient.ts b/clients/client-honeycode/src/HoneycodeClient.ts index 7849f3d3b446d..75b0f08197deb 100644 --- a/clients/client-honeycode/src/HoneycodeClient.ts +++ b/clients/client-honeycode/src/HoneycodeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultHoneycodeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreateTableRowsCommandInput, BatchCreateTableRowsCommandOutput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type HoneycodeClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type HoneycodeClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -334,8 +340,8 @@ export class HoneycodeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -344,8 +350,14 @@ export class HoneycodeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -356,4 +368,13 @@ export class HoneycodeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultHoneycodeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: HoneycodeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-honeycode/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-honeycode/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7fa2b417fc7f7 --- /dev/null +++ b/clients/client-honeycode/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { HoneycodeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HoneycodeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): HoneycodeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: HoneycodeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: HoneycodeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): HoneycodeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-honeycode/src/auth/httpAuthSchemeProvider.ts b/clients/client-honeycode/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..460f78111c412 --- /dev/null +++ b/clients/client-honeycode/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { HoneycodeClientConfig, HoneycodeClientResolvedConfig } from "../HoneycodeClient"; + +/** + * @internal + */ +export interface HoneycodeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface HoneycodeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + HoneycodeClientResolvedConfig, + HandlerExecutionContext, + HoneycodeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultHoneycodeHttpAuthSchemeParametersProvider = async ( + config: HoneycodeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: HoneycodeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "honeycode", + region: authParameters.region, + }, + propertiesExtractor: (config: HoneycodeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface HoneycodeHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultHoneycodeHttpAuthSchemeProvider: HoneycodeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: HoneycodeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: HoneycodeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-honeycode/src/extensionConfiguration.ts b/clients/client-honeycode/src/extensionConfiguration.ts index 5543af1f1b375..850f9c7ba5641 100644 --- a/clients/client-honeycode/src/extensionConfiguration.ts +++ b/clients/client-honeycode/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface HoneycodeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-honeycode/src/runtimeConfig.shared.ts b/clients/client-honeycode/src/runtimeConfig.shared.ts index 0b09c639b6b4e..079f5b69f0eba 100644 --- a/clients/client-honeycode/src/runtimeConfig.shared.ts +++ b/clients/client-honeycode/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultHoneycodeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { HoneycodeClientConfig } from "./HoneycodeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: HoneycodeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultHoneycodeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Honeycode", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-honeycode/src/runtimeExtensions.ts b/clients/client-honeycode/src/runtimeExtensions.ts index e350778a3def6..7e908d7499f61 100644 --- a/clients/client-honeycode/src/runtimeExtensions.ts +++ b/clients/client-honeycode/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { HoneycodeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iam/package.json b/clients/client-iam/package.json index eebe8f738e07f..a786e2017c5ef 100644 --- a/clients/client-iam/package.json +++ b/clients/client-iam/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-iam/src/IAMClient.ts b/clients/client-iam/src/IAMClient.ts index 84a8dd1c64f97..f82ebce55fb11 100644 --- a/clients/client-iam/src/IAMClient.ts +++ b/clients/client-iam/src/IAMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIAMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddClientIDToOpenIDConnectProviderCommandInput, AddClientIDToOpenIDConnectProviderCommandOutput, @@ -858,21 +863,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -911,8 +917,8 @@ export type IAMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -931,8 +937,8 @@ export type IAMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -967,8 +973,8 @@ export class IAMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -977,8 +983,14 @@ export class IAMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -989,4 +1001,13 @@ export class IAMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIAMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IAMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iam/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iam/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..80d065333baa1 --- /dev/null +++ b/clients/client-iam/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IAMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IAMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IAMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IAMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IAMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IAMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iam/src/auth/httpAuthSchemeProvider.ts b/clients/client-iam/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4ee9f331c3680 --- /dev/null +++ b/clients/client-iam/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IAMClientConfig, IAMClientResolvedConfig } from "../IAMClient"; + +/** + * @internal + */ +export interface IAMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IAMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IAMClientResolvedConfig, + HandlerExecutionContext, + IAMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIAMHttpAuthSchemeParametersProvider = async ( + config: IAMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IAMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iam", + region: authParameters.region, + }, + propertiesExtractor: (config: IAMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IAMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIAMHttpAuthSchemeProvider: IAMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iam/src/extensionConfiguration.ts b/clients/client-iam/src/extensionConfiguration.ts index 7c2ed1d36fad0..57b6224e3f630 100644 --- a/clients/client-iam/src/extensionConfiguration.ts +++ b/clients/client-iam/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IAMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iam/src/runtimeConfig.shared.ts b/clients/client-iam/src/runtimeConfig.shared.ts index de0a1b3c380bb..849dea1ef8633 100644 --- a/clients/client-iam/src/runtimeConfig.shared.ts +++ b/clients/client-iam/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIAMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IAMClientConfig } from "./IAMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IAMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIAMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IAM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iam/src/runtimeExtensions.ts b/clients/client-iam/src/runtimeExtensions.ts index 7a161da174209..1a5d84fba32dc 100644 --- a/clients/client-iam/src/runtimeExtensions.ts +++ b/clients/client-iam/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IAMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-identitystore/package.json b/clients/client-identitystore/package.json index 1adf7ae24e665..2b87f6fc95501 100644 --- a/clients/client-identitystore/package.json +++ b/clients/client-identitystore/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-identitystore/src/IdentitystoreClient.ts b/clients/client-identitystore/src/IdentitystoreClient.ts index 680eb4fee3420..e099ac68b9c4a 100644 --- a/clients/client-identitystore/src/IdentitystoreClient.ts +++ b/clients/client-identitystore/src/IdentitystoreClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIdentitystoreHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; import { CreateGroupMembershipCommandInput, @@ -231,21 +236,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -284,8 +290,8 @@ export type IdentitystoreClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -304,8 +310,8 @@ export type IdentitystoreClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -343,8 +349,8 @@ export class IdentitystoreClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -353,8 +359,14 @@ export class IdentitystoreClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -365,4 +377,13 @@ export class IdentitystoreClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIdentitystoreHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IdentitystoreClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-identitystore/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-identitystore/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..11a8b76a12208 --- /dev/null +++ b/clients/client-identitystore/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IdentitystoreHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IdentitystoreHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IdentitystoreHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IdentitystoreHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IdentitystoreHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IdentitystoreHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-identitystore/src/auth/httpAuthSchemeProvider.ts b/clients/client-identitystore/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fd6185e8f3bc5 --- /dev/null +++ b/clients/client-identitystore/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IdentitystoreClientConfig, IdentitystoreClientResolvedConfig } from "../IdentitystoreClient"; + +/** + * @internal + */ +export interface IdentitystoreHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IdentitystoreHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IdentitystoreClientResolvedConfig, + HandlerExecutionContext, + IdentitystoreHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIdentitystoreHttpAuthSchemeParametersProvider = async ( + config: IdentitystoreClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IdentitystoreHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "identitystore", + region: authParameters.region, + }, + propertiesExtractor: (config: IdentitystoreClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IdentitystoreHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIdentitystoreHttpAuthSchemeProvider: IdentitystoreHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IdentitystoreHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IdentitystoreHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-identitystore/src/extensionConfiguration.ts b/clients/client-identitystore/src/extensionConfiguration.ts index a812bfb2e409b..e77e8e985bd51 100644 --- a/clients/client-identitystore/src/extensionConfiguration.ts +++ b/clients/client-identitystore/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IdentitystoreExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-identitystore/src/runtimeConfig.shared.ts b/clients/client-identitystore/src/runtimeConfig.shared.ts index bdd663a9889fc..707d2643bbb32 100644 --- a/clients/client-identitystore/src/runtimeConfig.shared.ts +++ b/clients/client-identitystore/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIdentitystoreHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IdentitystoreClientConfig } from "./IdentitystoreClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IdentitystoreClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIdentitystoreHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "identitystore", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-identitystore/src/runtimeExtensions.ts b/clients/client-identitystore/src/runtimeExtensions.ts index 53ffd7fdfd16b..3507ed6d986ca 100644 --- a/clients/client-identitystore/src/runtimeExtensions.ts +++ b/clients/client-identitystore/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IdentitystoreExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-imagebuilder/package.json b/clients/client-imagebuilder/package.json index c656109658bed..2e132b73b7cfb 100644 --- a/clients/client-imagebuilder/package.json +++ b/clients/client-imagebuilder/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-imagebuilder/src/ImagebuilderClient.ts b/clients/client-imagebuilder/src/ImagebuilderClient.ts index f7b00d436081d..c262b12c9ecac 100644 --- a/clients/client-imagebuilder/src/ImagebuilderClient.ts +++ b/clients/client-imagebuilder/src/ImagebuilderClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultImagebuilderHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelImageCreationCommandInput, CancelImageCreationCommandOutput, @@ -507,21 +512,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -560,8 +566,8 @@ export type ImagebuilderClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -580,8 +586,8 @@ export type ImagebuilderClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -615,8 +621,8 @@ export class ImagebuilderClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -625,8 +631,14 @@ export class ImagebuilderClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -637,4 +649,13 @@ export class ImagebuilderClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultImagebuilderHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ImagebuilderClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-imagebuilder/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-imagebuilder/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2aaa8b8d5beae --- /dev/null +++ b/clients/client-imagebuilder/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ImagebuilderHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ImagebuilderHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ImagebuilderHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ImagebuilderHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ImagebuilderHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ImagebuilderHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-imagebuilder/src/auth/httpAuthSchemeProvider.ts b/clients/client-imagebuilder/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2544fe1e6efda --- /dev/null +++ b/clients/client-imagebuilder/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ImagebuilderClientConfig, ImagebuilderClientResolvedConfig } from "../ImagebuilderClient"; + +/** + * @internal + */ +export interface ImagebuilderHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ImagebuilderHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ImagebuilderClientResolvedConfig, + HandlerExecutionContext, + ImagebuilderHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultImagebuilderHttpAuthSchemeParametersProvider = async ( + config: ImagebuilderClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ImagebuilderHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "imagebuilder", + region: authParameters.region, + }, + propertiesExtractor: (config: ImagebuilderClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ImagebuilderHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultImagebuilderHttpAuthSchemeProvider: ImagebuilderHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ImagebuilderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ImagebuilderHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-imagebuilder/src/extensionConfiguration.ts b/clients/client-imagebuilder/src/extensionConfiguration.ts index fa53ccc2fabac..a29677cc33748 100644 --- a/clients/client-imagebuilder/src/extensionConfiguration.ts +++ b/clients/client-imagebuilder/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ImagebuilderExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-imagebuilder/src/runtimeConfig.shared.ts b/clients/client-imagebuilder/src/runtimeConfig.shared.ts index 8e4a16824a787..b08c18a3ff9ab 100644 --- a/clients/client-imagebuilder/src/runtimeConfig.shared.ts +++ b/clients/client-imagebuilder/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultImagebuilderHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ImagebuilderClientConfig } from "./ImagebuilderClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ImagebuilderClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultImagebuilderHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "imagebuilder", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-imagebuilder/src/runtimeExtensions.ts b/clients/client-imagebuilder/src/runtimeExtensions.ts index f188e112e1a3e..b979e1d8d3e81 100644 --- a/clients/client-imagebuilder/src/runtimeExtensions.ts +++ b/clients/client-imagebuilder/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ImagebuilderExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-inspector-scan/package.json b/clients/client-inspector-scan/package.json index 1258cf46d8ed3..fcc4f0fce1e53 100644 --- a/clients/client-inspector-scan/package.json +++ b/clients/client-inspector-scan/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-inspector-scan/src/InspectorScanClient.ts b/clients/client-inspector-scan/src/InspectorScanClient.ts index 92ecb1fd492a5..bff86b87171b8 100644 --- a/clients/client-inspector-scan/src/InspectorScanClient.ts +++ b/clients/client-inspector-scan/src/InspectorScanClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultInspectorScanHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ScanSbomCommandInput, ScanSbomCommandOutput } from "./commands/ScanSbomCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type InspectorScanClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type InspectorScanClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export class InspectorScanClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -272,8 +278,14 @@ export class InspectorScanClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -284,4 +296,13 @@ export class InspectorScanClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultInspectorScanHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: InspectorScanClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-inspector-scan/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-inspector-scan/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..469df843ec170 --- /dev/null +++ b/clients/client-inspector-scan/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { InspectorScanHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InspectorScanHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): InspectorScanHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: InspectorScanHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InspectorScanHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): InspectorScanHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-inspector-scan/src/auth/httpAuthSchemeProvider.ts b/clients/client-inspector-scan/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8a75e54616820 --- /dev/null +++ b/clients/client-inspector-scan/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { InspectorScanClientConfig, InspectorScanClientResolvedConfig } from "../InspectorScanClient"; + +/** + * @internal + */ +export interface InspectorScanHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface InspectorScanHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + InspectorScanClientResolvedConfig, + HandlerExecutionContext, + InspectorScanHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultInspectorScanHttpAuthSchemeParametersProvider = async ( + config: InspectorScanClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: InspectorScanHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "inspector-scan", + region: authParameters.region, + }, + propertiesExtractor: (config: InspectorScanClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface InspectorScanHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultInspectorScanHttpAuthSchemeProvider: InspectorScanHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: InspectorScanHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: InspectorScanHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-inspector-scan/src/extensionConfiguration.ts b/clients/client-inspector-scan/src/extensionConfiguration.ts index 96b81d62dbd32..b4ac4b565fd90 100644 --- a/clients/client-inspector-scan/src/extensionConfiguration.ts +++ b/clients/client-inspector-scan/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface InspectorScanExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-inspector-scan/src/runtimeConfig.shared.ts b/clients/client-inspector-scan/src/runtimeConfig.shared.ts index 3f562c314d3a6..0bdb85d1f4f93 100644 --- a/clients/client-inspector-scan/src/runtimeConfig.shared.ts +++ b/clients/client-inspector-scan/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultInspectorScanHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { InspectorScanClientConfig } from "./InspectorScanClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: InspectorScanClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultInspectorScanHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Inspector Scan", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-inspector-scan/src/runtimeExtensions.ts b/clients/client-inspector-scan/src/runtimeExtensions.ts index 9a9d8ac73cbf6..eaf5411e75adb 100644 --- a/clients/client-inspector-scan/src/runtimeExtensions.ts +++ b/clients/client-inspector-scan/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { InspectorScanExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-inspector/package.json b/clients/client-inspector/package.json index 7a5a9ba79cc52..f66f4c6734350 100644 --- a/clients/client-inspector/package.json +++ b/clients/client-inspector/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-inspector/src/InspectorClient.ts b/clients/client-inspector/src/InspectorClient.ts index f97b08f367fd2..6d87b615c65bd 100644 --- a/clients/client-inspector/src/InspectorClient.ts +++ b/clients/client-inspector/src/InspectorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultInspectorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddAttributesToFindingsCommandInput, AddAttributesToFindingsCommandOutput, @@ -345,21 +350,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -398,8 +404,8 @@ export type InspectorClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -418,8 +424,8 @@ export type InspectorClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -453,8 +459,8 @@ export class InspectorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -463,8 +469,14 @@ export class InspectorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -475,4 +487,13 @@ export class InspectorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultInspectorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: InspectorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-inspector/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-inspector/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ddc6bc6d1a50b --- /dev/null +++ b/clients/client-inspector/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { InspectorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InspectorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): InspectorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: InspectorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InspectorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): InspectorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-inspector/src/auth/httpAuthSchemeProvider.ts b/clients/client-inspector/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f9c55942d0392 --- /dev/null +++ b/clients/client-inspector/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { InspectorClientConfig, InspectorClientResolvedConfig } from "../InspectorClient"; + +/** + * @internal + */ +export interface InspectorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface InspectorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + InspectorClientResolvedConfig, + HandlerExecutionContext, + InspectorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultInspectorHttpAuthSchemeParametersProvider = async ( + config: InspectorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: InspectorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "inspector", + region: authParameters.region, + }, + propertiesExtractor: (config: InspectorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface InspectorHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultInspectorHttpAuthSchemeProvider: InspectorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: InspectorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: InspectorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-inspector/src/extensionConfiguration.ts b/clients/client-inspector/src/extensionConfiguration.ts index 613e9e8b2033b..61636afabc41b 100644 --- a/clients/client-inspector/src/extensionConfiguration.ts +++ b/clients/client-inspector/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface InspectorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-inspector/src/runtimeConfig.shared.ts b/clients/client-inspector/src/runtimeConfig.shared.ts index 7b4c84bea8b3b..527da98afb23f 100644 --- a/clients/client-inspector/src/runtimeConfig.shared.ts +++ b/clients/client-inspector/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultInspectorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { InspectorClientConfig } from "./InspectorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: InspectorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultInspectorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Inspector", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-inspector/src/runtimeExtensions.ts b/clients/client-inspector/src/runtimeExtensions.ts index 5dad1374ff6a7..e0f3cf5dd8050 100644 --- a/clients/client-inspector/src/runtimeExtensions.ts +++ b/clients/client-inspector/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { InspectorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-inspector2/package.json b/clients/client-inspector2/package.json index 2b33df74f3dea..3a074afd86285 100644 --- a/clients/client-inspector2/package.json +++ b/clients/client-inspector2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-inspector2/src/Inspector2Client.ts b/clients/client-inspector2/src/Inspector2Client.ts index fb7c047710d77..1116a85decb2f 100644 --- a/clients/client-inspector2/src/Inspector2Client.ts +++ b/clients/client-inspector2/src/Inspector2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultInspector2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateMemberCommandInput, AssociateMemberCommandOutput } from "./commands/AssociateMemberCommand"; import { BatchGetAccountStatusCommandInput, @@ -435,21 +440,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -488,8 +494,8 @@ export type Inspector2ClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -508,8 +514,8 @@ export type Inspector2ClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -541,8 +547,8 @@ export class Inspector2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -551,8 +557,14 @@ export class Inspector2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -563,4 +575,13 @@ export class Inspector2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultInspector2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Inspector2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-inspector2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-inspector2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..78b7113520dc8 --- /dev/null +++ b/clients/client-inspector2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Inspector2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Inspector2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Inspector2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Inspector2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Inspector2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Inspector2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-inspector2/src/auth/httpAuthSchemeProvider.ts b/clients/client-inspector2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e3c2340e60ab6 --- /dev/null +++ b/clients/client-inspector2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { Inspector2ClientConfig, Inspector2ClientResolvedConfig } from "../Inspector2Client"; + +/** + * @internal + */ +export interface Inspector2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Inspector2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Inspector2ClientResolvedConfig, + HandlerExecutionContext, + Inspector2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultInspector2HttpAuthSchemeParametersProvider = async ( + config: Inspector2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: Inspector2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "inspector2", + region: authParameters.region, + }, + propertiesExtractor: (config: Inspector2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Inspector2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultInspector2HttpAuthSchemeProvider: Inspector2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Inspector2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Inspector2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-inspector2/src/extensionConfiguration.ts b/clients/client-inspector2/src/extensionConfiguration.ts index b2d8e3a9c74a1..48e393aedc858 100644 --- a/clients/client-inspector2/src/extensionConfiguration.ts +++ b/clients/client-inspector2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Inspector2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-inspector2/src/runtimeConfig.shared.ts b/clients/client-inspector2/src/runtimeConfig.shared.ts index 862bc52a5e3cc..0701555d136ca 100644 --- a/clients/client-inspector2/src/runtimeConfig.shared.ts +++ b/clients/client-inspector2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultInspector2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Inspector2ClientConfig } from "./Inspector2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Inspector2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultInspector2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Inspector2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-inspector2/src/runtimeExtensions.ts b/clients/client-inspector2/src/runtimeExtensions.ts index bdebc0d034632..cf94f45619f03 100644 --- a/clients/client-inspector2/src/runtimeExtensions.ts +++ b/clients/client-inspector2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Inspector2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-internetmonitor/package.json b/clients/client-internetmonitor/package.json index e367837569e78..a2c88b6de5d52 100644 --- a/clients/client-internetmonitor/package.json +++ b/clients/client-internetmonitor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-internetmonitor/src/InternetMonitorClient.ts b/clients/client-internetmonitor/src/InternetMonitorClient.ts index 1d3fbd2f2766f..594ea7a9fe7d3 100644 --- a/clients/client-internetmonitor/src/InternetMonitorClient.ts +++ b/clients/client-internetmonitor/src/InternetMonitorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultInternetMonitorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateMonitorCommandInput, CreateMonitorCommandOutput } from "./commands/CreateMonitorCommand"; import { DeleteMonitorCommandInput, DeleteMonitorCommandOutput } from "./commands/DeleteMonitorCommand"; import { GetHealthEventCommandInput, GetHealthEventCommandOutput } from "./commands/GetHealthEventCommand"; @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type InternetMonitorClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type InternetMonitorClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -321,8 +327,8 @@ export class InternetMonitorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -331,8 +337,14 @@ export class InternetMonitorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -343,4 +355,13 @@ export class InternetMonitorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultInternetMonitorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: InternetMonitorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-internetmonitor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-internetmonitor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..95a7157d0e5de --- /dev/null +++ b/clients/client-internetmonitor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { InternetMonitorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InternetMonitorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): InternetMonitorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: InternetMonitorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: InternetMonitorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): InternetMonitorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-internetmonitor/src/auth/httpAuthSchemeProvider.ts b/clients/client-internetmonitor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ead79177834db --- /dev/null +++ b/clients/client-internetmonitor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { InternetMonitorClientConfig, InternetMonitorClientResolvedConfig } from "../InternetMonitorClient"; + +/** + * @internal + */ +export interface InternetMonitorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface InternetMonitorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + InternetMonitorClientResolvedConfig, + HandlerExecutionContext, + InternetMonitorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultInternetMonitorHttpAuthSchemeParametersProvider = async ( + config: InternetMonitorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: InternetMonitorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "internetmonitor", + region: authParameters.region, + }, + propertiesExtractor: (config: InternetMonitorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface InternetMonitorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultInternetMonitorHttpAuthSchemeProvider: InternetMonitorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: InternetMonitorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: InternetMonitorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-internetmonitor/src/extensionConfiguration.ts b/clients/client-internetmonitor/src/extensionConfiguration.ts index 0de18e158d317..570e077134e9d 100644 --- a/clients/client-internetmonitor/src/extensionConfiguration.ts +++ b/clients/client-internetmonitor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface InternetMonitorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-internetmonitor/src/runtimeConfig.shared.ts b/clients/client-internetmonitor/src/runtimeConfig.shared.ts index e84dd52160a50..041d6898bb188 100644 --- a/clients/client-internetmonitor/src/runtimeConfig.shared.ts +++ b/clients/client-internetmonitor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultInternetMonitorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { InternetMonitorClientConfig } from "./InternetMonitorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: InternetMonitorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultInternetMonitorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "InternetMonitor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-internetmonitor/src/runtimeExtensions.ts b/clients/client-internetmonitor/src/runtimeExtensions.ts index 533aef1090eb5..fbb1a846891d8 100644 --- a/clients/client-internetmonitor/src/runtimeExtensions.ts +++ b/clients/client-internetmonitor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { InternetMonitorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-1click-devices-service/package.json b/clients/client-iot-1click-devices-service/package.json index 1acfdde517f94..700b63347fcc6 100644 --- a/clients/client-iot-1click-devices-service/package.json +++ b/clients/client-iot-1click-devices-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iot-1click-devices-service/src/IoT1ClickDevicesServiceClient.ts b/clients/client-iot-1click-devices-service/src/IoT1ClickDevicesServiceClient.ts index 6612670ac17dd..0f9569e3e32a6 100644 --- a/clients/client-iot-1click-devices-service/src/IoT1ClickDevicesServiceClient.ts +++ b/clients/client-iot-1click-devices-service/src/IoT1ClickDevicesServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoT1ClickDevicesServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ClaimDevicesByClaimCodeCommandInput, ClaimDevicesByClaimCodeCommandOutput, @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type IoT1ClickDevicesServiceClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type IoT1ClickDevicesServiceClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -314,8 +320,8 @@ export class IoT1ClickDevicesServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -324,8 +330,14 @@ export class IoT1ClickDevicesServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -336,4 +348,13 @@ export class IoT1ClickDevicesServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoT1ClickDevicesServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoT1ClickDevicesServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-1click-devices-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-1click-devices-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..473c81e18cb90 --- /dev/null +++ b/clients/client-iot-1click-devices-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoT1ClickDevicesServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoT1ClickDevicesServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoT1ClickDevicesServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoT1ClickDevicesServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoT1ClickDevicesServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoT1ClickDevicesServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-1click-devices-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-1click-devices-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f4c5d197f9ba5 --- /dev/null +++ b/clients/client-iot-1click-devices-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + IoT1ClickDevicesServiceClientConfig, + IoT1ClickDevicesServiceClientResolvedConfig, +} from "../IoT1ClickDevicesServiceClient"; + +/** + * @internal + */ +export interface IoT1ClickDevicesServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoT1ClickDevicesServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoT1ClickDevicesServiceClientResolvedConfig, + HandlerExecutionContext, + IoT1ClickDevicesServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoT1ClickDevicesServiceHttpAuthSchemeParametersProvider = async ( + config: IoT1ClickDevicesServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: IoT1ClickDevicesServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iot1click", + region: authParameters.region, + }, + propertiesExtractor: (config: IoT1ClickDevicesServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoT1ClickDevicesServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoT1ClickDevicesServiceHttpAuthSchemeProvider: IoT1ClickDevicesServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoT1ClickDevicesServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoT1ClickDevicesServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-1click-devices-service/src/extensionConfiguration.ts b/clients/client-iot-1click-devices-service/src/extensionConfiguration.ts index 1bcf5a4957cf0..ab38b624f8c0e 100644 --- a/clients/client-iot-1click-devices-service/src/extensionConfiguration.ts +++ b/clients/client-iot-1click-devices-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoT1ClickDevicesServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-1click-devices-service/src/runtimeConfig.shared.ts b/clients/client-iot-1click-devices-service/src/runtimeConfig.shared.ts index a0b2707f91bf2..135a3bc25009c 100644 --- a/clients/client-iot-1click-devices-service/src/runtimeConfig.shared.ts +++ b/clients/client-iot-1click-devices-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoT1ClickDevicesServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoT1ClickDevicesServiceClientConfig } from "./IoT1ClickDevicesServiceClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoT1ClickDevicesServiceClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoT1ClickDevicesServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT 1Click Devices Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-1click-devices-service/src/runtimeExtensions.ts b/clients/client-iot-1click-devices-service/src/runtimeExtensions.ts index e7ca37b483286..a738213531d59 100644 --- a/clients/client-iot-1click-devices-service/src/runtimeExtensions.ts +++ b/clients/client-iot-1click-devices-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoT1ClickDevicesServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-1click-projects/package.json b/clients/client-iot-1click-projects/package.json index 4b036ad8df8e4..9e6994ab4f0c3 100644 --- a/clients/client-iot-1click-projects/package.json +++ b/clients/client-iot-1click-projects/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iot-1click-projects/src/IoT1ClickProjectsClient.ts b/clients/client-iot-1click-projects/src/IoT1ClickProjectsClient.ts index 087187abf8d29..0aa27eeff3eb1 100644 --- a/clients/client-iot-1click-projects/src/IoT1ClickProjectsClient.ts +++ b/clients/client-iot-1click-projects/src/IoT1ClickProjectsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoT1ClickProjectsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateDeviceWithPlacementCommandInput, AssociateDeviceWithPlacementCommandOutput, @@ -216,21 +221,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -269,8 +275,8 @@ export type IoT1ClickProjectsClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -289,8 +295,8 @@ export type IoT1ClickProjectsClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -321,8 +327,8 @@ export class IoT1ClickProjectsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -331,8 +337,14 @@ export class IoT1ClickProjectsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -343,4 +355,13 @@ export class IoT1ClickProjectsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoT1ClickProjectsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoT1ClickProjectsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-1click-projects/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-1click-projects/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..808d82f687567 --- /dev/null +++ b/clients/client-iot-1click-projects/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoT1ClickProjectsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoT1ClickProjectsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoT1ClickProjectsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoT1ClickProjectsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoT1ClickProjectsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoT1ClickProjectsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-1click-projects/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-1click-projects/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0d4a1477239e9 --- /dev/null +++ b/clients/client-iot-1click-projects/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoT1ClickProjectsClientConfig, IoT1ClickProjectsClientResolvedConfig } from "../IoT1ClickProjectsClient"; + +/** + * @internal + */ +export interface IoT1ClickProjectsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoT1ClickProjectsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoT1ClickProjectsClientResolvedConfig, + HandlerExecutionContext, + IoT1ClickProjectsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoT1ClickProjectsHttpAuthSchemeParametersProvider = async ( + config: IoT1ClickProjectsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoT1ClickProjectsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iot1click", + region: authParameters.region, + }, + propertiesExtractor: (config: IoT1ClickProjectsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoT1ClickProjectsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoT1ClickProjectsHttpAuthSchemeProvider: IoT1ClickProjectsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoT1ClickProjectsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoT1ClickProjectsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-1click-projects/src/extensionConfiguration.ts b/clients/client-iot-1click-projects/src/extensionConfiguration.ts index 19afce0e8b284..575641768a087 100644 --- a/clients/client-iot-1click-projects/src/extensionConfiguration.ts +++ b/clients/client-iot-1click-projects/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoT1ClickProjectsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-1click-projects/src/runtimeConfig.shared.ts b/clients/client-iot-1click-projects/src/runtimeConfig.shared.ts index fde839be622d5..4949b89041b66 100644 --- a/clients/client-iot-1click-projects/src/runtimeConfig.shared.ts +++ b/clients/client-iot-1click-projects/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoT1ClickProjectsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoT1ClickProjectsClientConfig } from "./IoT1ClickProjectsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoT1ClickProjectsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoT1ClickProjectsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT 1Click Projects", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-1click-projects/src/runtimeExtensions.ts b/clients/client-iot-1click-projects/src/runtimeExtensions.ts index ac04bdce50224..51da8ca4f991e 100644 --- a/clients/client-iot-1click-projects/src/runtimeExtensions.ts +++ b/clients/client-iot-1click-projects/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoT1ClickProjectsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-data-plane/package.json b/clients/client-iot-data-plane/package.json index b71f32d6eb3d0..17c9c4b4172ff 100644 --- a/clients/client-iot-data-plane/package.json +++ b/clients/client-iot-data-plane/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-iot-data-plane/src/IoTDataPlaneClient.ts b/clients/client-iot-data-plane/src/IoTDataPlaneClient.ts index 5852a25ce8c3d..95455effcb8ac 100644 --- a/clients/client-iot-data-plane/src/IoTDataPlaneClient.ts +++ b/clients/client-iot-data-plane/src/IoTDataPlaneClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTDataPlaneHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteThingShadowCommandInput, DeleteThingShadowCommandOutput } from "./commands/DeleteThingShadowCommand"; import { GetRetainedMessageCommandInput, GetRetainedMessageCommandOutput } from "./commands/GetRetainedMessageCommand"; import { GetThingShadowCommandInput, GetThingShadowCommandOutput } from "./commands/GetThingShadowCommand"; @@ -183,21 +188,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -236,8 +242,8 @@ export type IoTDataPlaneClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -256,8 +262,8 @@ export type IoTDataPlaneClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export class IoTDataPlaneClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -308,8 +314,14 @@ export class IoTDataPlaneClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -320,4 +332,13 @@ export class IoTDataPlaneClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTDataPlaneHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTDataPlaneClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-data-plane/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-data-plane/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0374db7b78fac --- /dev/null +++ b/clients/client-iot-data-plane/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTDataPlaneHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTDataPlaneHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTDataPlaneHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTDataPlaneHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTDataPlaneHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTDataPlaneHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-data-plane/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-data-plane/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..590085f795419 --- /dev/null +++ b/clients/client-iot-data-plane/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTDataPlaneClientConfig, IoTDataPlaneClientResolvedConfig } from "../IoTDataPlaneClient"; + +/** + * @internal + */ +export interface IoTDataPlaneHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTDataPlaneHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTDataPlaneClientResolvedConfig, + HandlerExecutionContext, + IoTDataPlaneHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTDataPlaneHttpAuthSchemeParametersProvider = async ( + config: IoTDataPlaneClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTDataPlaneHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotdata", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTDataPlaneClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTDataPlaneHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTDataPlaneHttpAuthSchemeProvider: IoTDataPlaneHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTDataPlaneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTDataPlaneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-data-plane/src/extensionConfiguration.ts b/clients/client-iot-data-plane/src/extensionConfiguration.ts index 9a5c03658fa50..215bb1db8101e 100644 --- a/clients/client-iot-data-plane/src/extensionConfiguration.ts +++ b/clients/client-iot-data-plane/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTDataPlaneExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-data-plane/src/runtimeConfig.shared.ts b/clients/client-iot-data-plane/src/runtimeConfig.shared.ts index aaa88834e3a4a..2c152475424af 100644 --- a/clients/client-iot-data-plane/src/runtimeConfig.shared.ts +++ b/clients/client-iot-data-plane/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTDataPlaneHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTDataPlaneClientConfig } from "./IoTDataPlaneClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTDataPlaneClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTDataPlaneHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT Data Plane", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-data-plane/src/runtimeExtensions.ts b/clients/client-iot-data-plane/src/runtimeExtensions.ts index f5df2597854be..5c0cb3e3322aa 100644 --- a/clients/client-iot-data-plane/src/runtimeExtensions.ts +++ b/clients/client-iot-data-plane/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTDataPlaneExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-events-data/package.json b/clients/client-iot-events-data/package.json index a32a8d4193ece..e063163fddf7a 100644 --- a/clients/client-iot-events-data/package.json +++ b/clients/client-iot-events-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iot-events-data/src/IoTEventsDataClient.ts b/clients/client-iot-events-data/src/IoTEventsDataClient.ts index 4c8386e7b4082..19cc1c152a73e 100644 --- a/clients/client-iot-events-data/src/IoTEventsDataClient.ts +++ b/clients/client-iot-events-data/src/IoTEventsDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTEventsDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchAcknowledgeAlarmCommandInput, BatchAcknowledgeAlarmCommandOutput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type IoTEventsDataClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type IoTEventsDataClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export class IoTEventsDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -320,8 +326,14 @@ export class IoTEventsDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -332,4 +344,13 @@ export class IoTEventsDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTEventsDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTEventsDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-events-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-events-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d8baa4a8d4c65 --- /dev/null +++ b/clients/client-iot-events-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTEventsDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTEventsDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTEventsDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTEventsDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTEventsDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTEventsDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-events-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-events-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c6476ea5a4077 --- /dev/null +++ b/clients/client-iot-events-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTEventsDataClientConfig, IoTEventsDataClientResolvedConfig } from "../IoTEventsDataClient"; + +/** + * @internal + */ +export interface IoTEventsDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTEventsDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTEventsDataClientResolvedConfig, + HandlerExecutionContext, + IoTEventsDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTEventsDataHttpAuthSchemeParametersProvider = async ( + config: IoTEventsDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTEventsDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ioteventsdata", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTEventsDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTEventsDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTEventsDataHttpAuthSchemeProvider: IoTEventsDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTEventsDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTEventsDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-events-data/src/extensionConfiguration.ts b/clients/client-iot-events-data/src/extensionConfiguration.ts index 7598de1460a0e..68df2426b979b 100644 --- a/clients/client-iot-events-data/src/extensionConfiguration.ts +++ b/clients/client-iot-events-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTEventsDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-events-data/src/runtimeConfig.shared.ts b/clients/client-iot-events-data/src/runtimeConfig.shared.ts index 3ebb70c828270..4c95d8574acf7 100644 --- a/clients/client-iot-events-data/src/runtimeConfig.shared.ts +++ b/clients/client-iot-events-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTEventsDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTEventsDataClientConfig } from "./IoTEventsDataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTEventsDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTEventsDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT Events Data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-events-data/src/runtimeExtensions.ts b/clients/client-iot-events-data/src/runtimeExtensions.ts index a5d048f744a00..3dbe3095823f3 100644 --- a/clients/client-iot-events-data/src/runtimeExtensions.ts +++ b/clients/client-iot-events-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTEventsDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-events/package.json b/clients/client-iot-events/package.json index 5d2bcfd0e79e0..6163ab28d27e6 100644 --- a/clients/client-iot-events/package.json +++ b/clients/client-iot-events/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iot-events/src/IoTEventsClient.ts b/clients/client-iot-events/src/IoTEventsClient.ts index dd6f3153359f9..e52416533d85d 100644 --- a/clients/client-iot-events/src/IoTEventsClient.ts +++ b/clients/client-iot-events/src/IoTEventsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTEventsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAlarmModelCommandInput, CreateAlarmModelCommandOutput } from "./commands/CreateAlarmModelCommand"; import { CreateDetectorModelCommandInput, @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type IoTEventsClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type IoTEventsClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -374,8 +380,8 @@ export class IoTEventsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -384,8 +390,14 @@ export class IoTEventsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -396,4 +408,13 @@ export class IoTEventsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTEventsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTEventsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-events/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-events/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..63867767df764 --- /dev/null +++ b/clients/client-iot-events/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTEventsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTEventsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTEventsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTEventsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTEventsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTEventsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-events/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-events/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bc971187969dc --- /dev/null +++ b/clients/client-iot-events/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTEventsClientConfig, IoTEventsClientResolvedConfig } from "../IoTEventsClient"; + +/** + * @internal + */ +export interface IoTEventsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTEventsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTEventsClientResolvedConfig, + HandlerExecutionContext, + IoTEventsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTEventsHttpAuthSchemeParametersProvider = async ( + config: IoTEventsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTEventsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotevents", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTEventsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTEventsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTEventsHttpAuthSchemeProvider: IoTEventsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-events/src/extensionConfiguration.ts b/clients/client-iot-events/src/extensionConfiguration.ts index bf13af764e040..85f6eeede8733 100644 --- a/clients/client-iot-events/src/extensionConfiguration.ts +++ b/clients/client-iot-events/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTEventsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-events/src/runtimeConfig.shared.ts b/clients/client-iot-events/src/runtimeConfig.shared.ts index 9639e661748ce..9b42c199af371 100644 --- a/clients/client-iot-events/src/runtimeConfig.shared.ts +++ b/clients/client-iot-events/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTEventsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTEventsClientConfig } from "./IoTEventsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTEventsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTEventsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT Events", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-events/src/runtimeExtensions.ts b/clients/client-iot-events/src/runtimeExtensions.ts index f8dd5bac5d989..f844404083871 100644 --- a/clients/client-iot-events/src/runtimeExtensions.ts +++ b/clients/client-iot-events/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTEventsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-jobs-data-plane/package.json b/clients/client-iot-jobs-data-plane/package.json index b9519fa83e03e..67edcb4be49b9 100644 --- a/clients/client-iot-jobs-data-plane/package.json +++ b/clients/client-iot-jobs-data-plane/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iot-jobs-data-plane/src/IoTJobsDataPlaneClient.ts b/clients/client-iot-jobs-data-plane/src/IoTJobsDataPlaneClient.ts index e74ad84fe6280..35a64efe6599d 100644 --- a/clients/client-iot-jobs-data-plane/src/IoTJobsDataPlaneClient.ts +++ b/clients/client-iot-jobs-data-plane/src/IoTJobsDataPlaneClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTJobsDataPlaneHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeJobExecutionCommandInput, DescribeJobExecutionCommandOutput, @@ -177,21 +182,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -230,8 +236,8 @@ export type IoTJobsDataPlaneClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -250,8 +256,8 @@ export type IoTJobsDataPlaneClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export class IoTJobsDataPlaneClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -302,8 +308,14 @@ export class IoTJobsDataPlaneClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -314,4 +326,13 @@ export class IoTJobsDataPlaneClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTJobsDataPlaneHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTJobsDataPlaneClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-jobs-data-plane/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-jobs-data-plane/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e8dfcf1a27d8e --- /dev/null +++ b/clients/client-iot-jobs-data-plane/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTJobsDataPlaneHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTJobsDataPlaneHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTJobsDataPlaneHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTJobsDataPlaneHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTJobsDataPlaneHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTJobsDataPlaneHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-jobs-data-plane/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-jobs-data-plane/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ce96fd120eee4 --- /dev/null +++ b/clients/client-iot-jobs-data-plane/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTJobsDataPlaneClientConfig, IoTJobsDataPlaneClientResolvedConfig } from "../IoTJobsDataPlaneClient"; + +/** + * @internal + */ +export interface IoTJobsDataPlaneHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTJobsDataPlaneHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTJobsDataPlaneClientResolvedConfig, + HandlerExecutionContext, + IoTJobsDataPlaneHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTJobsDataPlaneHttpAuthSchemeParametersProvider = async ( + config: IoTJobsDataPlaneClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTJobsDataPlaneHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iot-jobs-data", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTJobsDataPlaneClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTJobsDataPlaneHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTJobsDataPlaneHttpAuthSchemeProvider: IoTJobsDataPlaneHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTJobsDataPlaneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTJobsDataPlaneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-jobs-data-plane/src/extensionConfiguration.ts b/clients/client-iot-jobs-data-plane/src/extensionConfiguration.ts index 039cecdd746be..ea5af8a2fd1ce 100644 --- a/clients/client-iot-jobs-data-plane/src/extensionConfiguration.ts +++ b/clients/client-iot-jobs-data-plane/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTJobsDataPlaneExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-jobs-data-plane/src/runtimeConfig.shared.ts b/clients/client-iot-jobs-data-plane/src/runtimeConfig.shared.ts index e27fc9fac7008..50cf6150c7be6 100644 --- a/clients/client-iot-jobs-data-plane/src/runtimeConfig.shared.ts +++ b/clients/client-iot-jobs-data-plane/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTJobsDataPlaneHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTJobsDataPlaneClientConfig } from "./IoTJobsDataPlaneClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTJobsDataPlaneClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTJobsDataPlaneHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT Jobs Data Plane", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-jobs-data-plane/src/runtimeExtensions.ts b/clients/client-iot-jobs-data-plane/src/runtimeExtensions.ts index 83377e99376f4..97cb6af3b66ad 100644 --- a/clients/client-iot-jobs-data-plane/src/runtimeExtensions.ts +++ b/clients/client-iot-jobs-data-plane/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTJobsDataPlaneExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-roborunner/package.json b/clients/client-iot-roborunner/package.json index 322c7c82d9e10..dbafeeeb5f5b8 100644 --- a/clients/client-iot-roborunner/package.json +++ b/clients/client-iot-roborunner/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-iot-roborunner/src/IoTRoboRunnerClient.ts b/clients/client-iot-roborunner/src/IoTRoboRunnerClient.ts index 4f1a980f96b09..3a24e3e56fedb 100644 --- a/clients/client-iot-roborunner/src/IoTRoboRunnerClient.ts +++ b/clients/client-iot-roborunner/src/IoTRoboRunnerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTRoboRunnerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDestinationCommandInput, CreateDestinationCommandOutput } from "./commands/CreateDestinationCommand"; import { CreateSiteCommandInput, CreateSiteCommandOutput } from "./commands/CreateSiteCommand"; import { CreateWorkerCommandInput, CreateWorkerCommandOutput } from "./commands/CreateWorkerCommand"; @@ -216,21 +221,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -269,8 +275,8 @@ export type IoTRoboRunnerClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -289,8 +295,8 @@ export type IoTRoboRunnerClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export class IoTRoboRunnerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -332,8 +338,14 @@ export class IoTRoboRunnerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -344,4 +356,13 @@ export class IoTRoboRunnerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTRoboRunnerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTRoboRunnerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-roborunner/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-roborunner/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..edf31b12d18b5 --- /dev/null +++ b/clients/client-iot-roborunner/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTRoboRunnerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTRoboRunnerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTRoboRunnerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTRoboRunnerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTRoboRunnerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTRoboRunnerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-roborunner/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-roborunner/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..91cb7bcf8eda2 --- /dev/null +++ b/clients/client-iot-roborunner/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTRoboRunnerClientConfig, IoTRoboRunnerClientResolvedConfig } from "../IoTRoboRunnerClient"; + +/** + * @internal + */ +export interface IoTRoboRunnerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTRoboRunnerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTRoboRunnerClientResolvedConfig, + HandlerExecutionContext, + IoTRoboRunnerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTRoboRunnerHttpAuthSchemeParametersProvider = async ( + config: IoTRoboRunnerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTRoboRunnerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotroborunner", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTRoboRunnerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTRoboRunnerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTRoboRunnerHttpAuthSchemeProvider: IoTRoboRunnerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTRoboRunnerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTRoboRunnerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-roborunner/src/extensionConfiguration.ts b/clients/client-iot-roborunner/src/extensionConfiguration.ts index f0da7615f8349..90cfe906d2677 100644 --- a/clients/client-iot-roborunner/src/extensionConfiguration.ts +++ b/clients/client-iot-roborunner/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTRoboRunnerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-roborunner/src/runtimeConfig.shared.ts b/clients/client-iot-roborunner/src/runtimeConfig.shared.ts index 26e5ba32c7e6f..145c971a01f38 100644 --- a/clients/client-iot-roborunner/src/runtimeConfig.shared.ts +++ b/clients/client-iot-roborunner/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTRoboRunnerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTRoboRunnerClientConfig } from "./IoTRoboRunnerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTRoboRunnerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTRoboRunnerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT RoboRunner", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-roborunner/src/runtimeExtensions.ts b/clients/client-iot-roborunner/src/runtimeExtensions.ts index bb8111074fbc0..6455e13d4198a 100644 --- a/clients/client-iot-roborunner/src/runtimeExtensions.ts +++ b/clients/client-iot-roborunner/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTRoboRunnerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot-wireless/package.json b/clients/client-iot-wireless/package.json index 17991b364cad8..b4fc616895144 100644 --- a/clients/client-iot-wireless/package.json +++ b/clients/client-iot-wireless/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-iot-wireless/src/IoTWirelessClient.ts b/clients/client-iot-wireless/src/IoTWirelessClient.ts index 4003460fa6595..19cc81d5ffa88 100644 --- a/clients/client-iot-wireless/src/IoTWirelessClient.ts +++ b/clients/client-iot-wireless/src/IoTWirelessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTWirelessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAwsAccountWithPartnerAccountCommandInput, AssociateAwsAccountWithPartnerAccountCommandOutput, @@ -735,21 +740,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -788,8 +794,8 @@ export type IoTWirelessClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -808,8 +814,8 @@ export type IoTWirelessClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -852,8 +858,8 @@ export class IoTWirelessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -862,8 +868,14 @@ export class IoTWirelessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -874,4 +886,13 @@ export class IoTWirelessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTWirelessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTWirelessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot-wireless/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot-wireless/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a797f57fb7aa7 --- /dev/null +++ b/clients/client-iot-wireless/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTWirelessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTWirelessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTWirelessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTWirelessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTWirelessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTWirelessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot-wireless/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot-wireless/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..eb853f9636ee2 --- /dev/null +++ b/clients/client-iot-wireless/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTWirelessClientConfig, IoTWirelessClientResolvedConfig } from "../IoTWirelessClient"; + +/** + * @internal + */ +export interface IoTWirelessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTWirelessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTWirelessClientResolvedConfig, + HandlerExecutionContext, + IoTWirelessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTWirelessHttpAuthSchemeParametersProvider = async ( + config: IoTWirelessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTWirelessHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotwireless", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTWirelessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTWirelessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTWirelessHttpAuthSchemeProvider: IoTWirelessHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTWirelessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTWirelessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot-wireless/src/extensionConfiguration.ts b/clients/client-iot-wireless/src/extensionConfiguration.ts index 4cd1c87d24b36..52f98d30b2faa 100644 --- a/clients/client-iot-wireless/src/extensionConfiguration.ts +++ b/clients/client-iot-wireless/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTWirelessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot-wireless/src/runtimeConfig.shared.ts b/clients/client-iot-wireless/src/runtimeConfig.shared.ts index 2b1967b72bcae..a793bdeb79d90 100644 --- a/clients/client-iot-wireless/src/runtimeConfig.shared.ts +++ b/clients/client-iot-wireless/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTWirelessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTWirelessClientConfig } from "./IoTWirelessClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTWirelessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTWirelessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT Wireless", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot-wireless/src/runtimeExtensions.ts b/clients/client-iot-wireless/src/runtimeExtensions.ts index 650cc8bd44d3e..e2bce9b782ff1 100644 --- a/clients/client-iot-wireless/src/runtimeExtensions.ts +++ b/clients/client-iot-wireless/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTWirelessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iot/package.json b/clients/client-iot/package.json index 744a5c8400711..d3c61e2e5f394 100644 --- a/clients/client-iot/package.json +++ b/clients/client-iot/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-iot/src/IoTClient.ts b/clients/client-iot/src/IoTClient.ts index b75b32141af62..4d63ecdd6954a 100644 --- a/clients/client-iot/src/IoTClient.ts +++ b/clients/client-iot/src/IoTClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { @@ -38,6 +36,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptCertificateTransferCommandInput, AcceptCertificateTransferCommandOutput, @@ -1371,21 +1376,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1424,8 +1430,8 @@ export type IoTClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1444,8 +1450,8 @@ export type IoTClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1491,8 +1497,8 @@ export class IoTClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1501,9 +1507,15 @@ export class IoTClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); this.middlewareStack.use(getOmitRetryHeadersPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1514,4 +1526,13 @@ export class IoTClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iot/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iot/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e8943b0e84ae0 --- /dev/null +++ b/clients/client-iot/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iot/src/auth/httpAuthSchemeProvider.ts b/clients/client-iot/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dbe5d35cdb078 --- /dev/null +++ b/clients/client-iot/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTClientConfig, IoTClientResolvedConfig } from "../IoTClient"; + +/** + * @internal + */ +export interface IoTHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTClientResolvedConfig, + HandlerExecutionContext, + IoTHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTHttpAuthSchemeParametersProvider = async ( + config: IoTClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iot", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTHttpAuthSchemeProvider: IoTHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iot/src/extensionConfiguration.ts b/clients/client-iot/src/extensionConfiguration.ts index de3115cc3cab4..3fd7b9a809124 100644 --- a/clients/client-iot/src/extensionConfiguration.ts +++ b/clients/client-iot/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iot/src/runtimeConfig.shared.ts b/clients/client-iot/src/runtimeConfig.shared.ts index 6771c25ee531b..7b4bf5d93f4fd 100644 --- a/clients/client-iot/src/runtimeConfig.shared.ts +++ b/clients/client-iot/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTClientConfig } from "./IoTClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoT", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iot/src/runtimeExtensions.ts b/clients/client-iot/src/runtimeExtensions.ts index 7242515594502..407c6bfc1145a 100644 --- a/clients/client-iot/src/runtimeExtensions.ts +++ b/clients/client-iot/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotanalytics/package.json b/clients/client-iotanalytics/package.json index bda1d37cc5f5e..e177bc87482e4 100644 --- a/clients/client-iotanalytics/package.json +++ b/clients/client-iotanalytics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iotanalytics/src/IoTAnalyticsClient.ts b/clients/client-iotanalytics/src/IoTAnalyticsClient.ts index 9a0754f3559d4..ade3c0483e1ff 100644 --- a/clients/client-iotanalytics/src/IoTAnalyticsClient.ts +++ b/clients/client-iotanalytics/src/IoTAnalyticsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTAnalyticsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchPutMessageCommandInput, BatchPutMessageCommandOutput } from "./commands/BatchPutMessageCommand"; import { CancelPipelineReprocessingCommandInput, @@ -282,21 +287,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -335,8 +341,8 @@ export type IoTAnalyticsClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -355,8 +361,8 @@ export type IoTAnalyticsClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -403,8 +409,8 @@ export class IoTAnalyticsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -413,8 +419,14 @@ export class IoTAnalyticsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -425,4 +437,13 @@ export class IoTAnalyticsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTAnalyticsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTAnalyticsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotanalytics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotanalytics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a5a37292fbcfa --- /dev/null +++ b/clients/client-iotanalytics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTAnalyticsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTAnalyticsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTAnalyticsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTAnalyticsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTAnalyticsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTAnalyticsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotanalytics/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotanalytics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..eb8a8f31c4170 --- /dev/null +++ b/clients/client-iotanalytics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTAnalyticsClientConfig, IoTAnalyticsClientResolvedConfig } from "../IoTAnalyticsClient"; + +/** + * @internal + */ +export interface IoTAnalyticsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTAnalyticsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTAnalyticsClientResolvedConfig, + HandlerExecutionContext, + IoTAnalyticsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTAnalyticsHttpAuthSchemeParametersProvider = async ( + config: IoTAnalyticsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTAnalyticsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotanalytics", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTAnalyticsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTAnalyticsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTAnalyticsHttpAuthSchemeProvider: IoTAnalyticsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotanalytics/src/extensionConfiguration.ts b/clients/client-iotanalytics/src/extensionConfiguration.ts index 345e19a3826cc..161dd75940bee 100644 --- a/clients/client-iotanalytics/src/extensionConfiguration.ts +++ b/clients/client-iotanalytics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTAnalyticsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotanalytics/src/runtimeConfig.shared.ts b/clients/client-iotanalytics/src/runtimeConfig.shared.ts index fc36f56a4416e..b059b69103fa1 100644 --- a/clients/client-iotanalytics/src/runtimeConfig.shared.ts +++ b/clients/client-iotanalytics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTAnalyticsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTAnalyticsClientConfig } from "./IoTAnalyticsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTAnalyticsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTAnalyticsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTAnalytics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotanalytics/src/runtimeExtensions.ts b/clients/client-iotanalytics/src/runtimeExtensions.ts index 1dced08419228..90d1375374c16 100644 --- a/clients/client-iotanalytics/src/runtimeExtensions.ts +++ b/clients/client-iotanalytics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTAnalyticsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotdeviceadvisor/package.json b/clients/client-iotdeviceadvisor/package.json index 8461255a359a0..5c4a339073802 100644 --- a/clients/client-iotdeviceadvisor/package.json +++ b/clients/client-iotdeviceadvisor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iotdeviceadvisor/src/IotDeviceAdvisorClient.ts b/clients/client-iotdeviceadvisor/src/IotDeviceAdvisorClient.ts index bea18e7bc3840..88495f236542d 100644 --- a/clients/client-iotdeviceadvisor/src/IotDeviceAdvisorClient.ts +++ b/clients/client-iotdeviceadvisor/src/IotDeviceAdvisorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIotDeviceAdvisorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSuiteDefinitionCommandInput, CreateSuiteDefinitionCommandOutput, @@ -213,21 +218,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -266,8 +272,8 @@ export type IotDeviceAdvisorClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -286,8 +292,8 @@ export type IotDeviceAdvisorClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -326,8 +332,8 @@ export class IotDeviceAdvisorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -336,8 +342,14 @@ export class IotDeviceAdvisorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -348,4 +360,13 @@ export class IotDeviceAdvisorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIotDeviceAdvisorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IotDeviceAdvisorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotdeviceadvisor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotdeviceadvisor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..25c9dbe0a5aea --- /dev/null +++ b/clients/client-iotdeviceadvisor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IotDeviceAdvisorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IotDeviceAdvisorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IotDeviceAdvisorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IotDeviceAdvisorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IotDeviceAdvisorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IotDeviceAdvisorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotdeviceadvisor/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotdeviceadvisor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1cf87e18b1b38 --- /dev/null +++ b/clients/client-iotdeviceadvisor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IotDeviceAdvisorClientConfig, IotDeviceAdvisorClientResolvedConfig } from "../IotDeviceAdvisorClient"; + +/** + * @internal + */ +export interface IotDeviceAdvisorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IotDeviceAdvisorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IotDeviceAdvisorClientResolvedConfig, + HandlerExecutionContext, + IotDeviceAdvisorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIotDeviceAdvisorHttpAuthSchemeParametersProvider = async ( + config: IotDeviceAdvisorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IotDeviceAdvisorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotdeviceadvisor", + region: authParameters.region, + }, + propertiesExtractor: (config: IotDeviceAdvisorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IotDeviceAdvisorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIotDeviceAdvisorHttpAuthSchemeProvider: IotDeviceAdvisorHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IotDeviceAdvisorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IotDeviceAdvisorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotdeviceadvisor/src/extensionConfiguration.ts b/clients/client-iotdeviceadvisor/src/extensionConfiguration.ts index 1a2bcc2114d3b..dfb08a8f27869 100644 --- a/clients/client-iotdeviceadvisor/src/extensionConfiguration.ts +++ b/clients/client-iotdeviceadvisor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IotDeviceAdvisorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotdeviceadvisor/src/runtimeConfig.shared.ts b/clients/client-iotdeviceadvisor/src/runtimeConfig.shared.ts index 571560f809f67..29241f0b1ad03 100644 --- a/clients/client-iotdeviceadvisor/src/runtimeConfig.shared.ts +++ b/clients/client-iotdeviceadvisor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIotDeviceAdvisorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IotDeviceAdvisorClientConfig } from "./IotDeviceAdvisorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IotDeviceAdvisorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIotDeviceAdvisorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IotDeviceAdvisor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotdeviceadvisor/src/runtimeExtensions.ts b/clients/client-iotdeviceadvisor/src/runtimeExtensions.ts index 8d02ca0823a61..b38340a80ed40 100644 --- a/clients/client-iotdeviceadvisor/src/runtimeExtensions.ts +++ b/clients/client-iotdeviceadvisor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IotDeviceAdvisorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotfleethub/package.json b/clients/client-iotfleethub/package.json index bcef8231c9611..f736e3f97ec25 100644 --- a/clients/client-iotfleethub/package.json +++ b/clients/client-iotfleethub/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-iotfleethub/src/IoTFleetHubClient.ts b/clients/client-iotfleethub/src/IoTFleetHubClient.ts index 7f3541c774196..c1cbf41eb0459 100644 --- a/clients/client-iotfleethub/src/IoTFleetHubClient.ts +++ b/clients/client-iotfleethub/src/IoTFleetHubClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTFleetHubHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { DeleteApplicationCommandInput, DeleteApplicationCommandOutput } from "./commands/DeleteApplicationCommand"; import { @@ -186,21 +191,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -239,8 +245,8 @@ export type IoTFleetHubClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -259,8 +265,8 @@ export type IoTFleetHubClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -294,8 +300,8 @@ export class IoTFleetHubClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -304,8 +310,14 @@ export class IoTFleetHubClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -316,4 +328,13 @@ export class IoTFleetHubClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTFleetHubHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTFleetHubClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotfleethub/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotfleethub/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b8df0ad827cf5 --- /dev/null +++ b/clients/client-iotfleethub/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTFleetHubHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTFleetHubHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTFleetHubHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTFleetHubHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTFleetHubHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTFleetHubHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotfleethub/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotfleethub/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5c3dc973badff --- /dev/null +++ b/clients/client-iotfleethub/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTFleetHubClientConfig, IoTFleetHubClientResolvedConfig } from "../IoTFleetHubClient"; + +/** + * @internal + */ +export interface IoTFleetHubHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTFleetHubHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTFleetHubClientResolvedConfig, + HandlerExecutionContext, + IoTFleetHubHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTFleetHubHttpAuthSchemeParametersProvider = async ( + config: IoTFleetHubClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTFleetHubHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotfleethub", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTFleetHubClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTFleetHubHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTFleetHubHttpAuthSchemeProvider: IoTFleetHubHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTFleetHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTFleetHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotfleethub/src/extensionConfiguration.ts b/clients/client-iotfleethub/src/extensionConfiguration.ts index 1051a8df4233c..331b2fc61b955 100644 --- a/clients/client-iotfleethub/src/extensionConfiguration.ts +++ b/clients/client-iotfleethub/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTFleetHubExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotfleethub/src/runtimeConfig.shared.ts b/clients/client-iotfleethub/src/runtimeConfig.shared.ts index 1c2a1e8eb0bf9..44f599daffa71 100644 --- a/clients/client-iotfleethub/src/runtimeConfig.shared.ts +++ b/clients/client-iotfleethub/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTFleetHubHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTFleetHubClientConfig } from "./IoTFleetHubClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTFleetHubClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTFleetHubHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTFleetHub", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotfleethub/src/runtimeExtensions.ts b/clients/client-iotfleethub/src/runtimeExtensions.ts index 0af755193b0ee..40e369469c708 100644 --- a/clients/client-iotfleethub/src/runtimeExtensions.ts +++ b/clients/client-iotfleethub/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTFleetHubExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotfleetwise/package.json b/clients/client-iotfleetwise/package.json index 057be1ba540f0..76578257a6298 100644 --- a/clients/client-iotfleetwise/package.json +++ b/clients/client-iotfleetwise/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iotfleetwise/src/IoTFleetWiseClient.ts b/clients/client-iotfleetwise/src/IoTFleetWiseClient.ts index a9bf9d8443039..4d899f8160f65 100644 --- a/clients/client-iotfleetwise/src/IoTFleetWiseClient.ts +++ b/clients/client-iotfleetwise/src/IoTFleetWiseClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTFleetWiseHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateVehicleFleetCommandInput, AssociateVehicleFleetCommandOutput, @@ -384,21 +389,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -437,8 +443,8 @@ export type IoTFleetWiseClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -457,8 +463,8 @@ export type IoTFleetWiseClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -495,8 +501,8 @@ export class IoTFleetWiseClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -505,8 +511,14 @@ export class IoTFleetWiseClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -517,4 +529,13 @@ export class IoTFleetWiseClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTFleetWiseHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTFleetWiseClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotfleetwise/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotfleetwise/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8df6c06482aba --- /dev/null +++ b/clients/client-iotfleetwise/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTFleetWiseHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTFleetWiseHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTFleetWiseHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTFleetWiseHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTFleetWiseHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTFleetWiseHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotfleetwise/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotfleetwise/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..952a6a316db65 --- /dev/null +++ b/clients/client-iotfleetwise/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTFleetWiseClientConfig, IoTFleetWiseClientResolvedConfig } from "../IoTFleetWiseClient"; + +/** + * @internal + */ +export interface IoTFleetWiseHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTFleetWiseHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTFleetWiseClientResolvedConfig, + HandlerExecutionContext, + IoTFleetWiseHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTFleetWiseHttpAuthSchemeParametersProvider = async ( + config: IoTFleetWiseClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTFleetWiseHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotfleetwise", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTFleetWiseClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTFleetWiseHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTFleetWiseHttpAuthSchemeProvider: IoTFleetWiseHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTFleetWiseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTFleetWiseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotfleetwise/src/extensionConfiguration.ts b/clients/client-iotfleetwise/src/extensionConfiguration.ts index 3200332294fb8..472c5ff297ff9 100644 --- a/clients/client-iotfleetwise/src/extensionConfiguration.ts +++ b/clients/client-iotfleetwise/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTFleetWiseExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotfleetwise/src/runtimeConfig.shared.ts b/clients/client-iotfleetwise/src/runtimeConfig.shared.ts index 82cdf82449b96..135308a665aff 100644 --- a/clients/client-iotfleetwise/src/runtimeConfig.shared.ts +++ b/clients/client-iotfleetwise/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTFleetWiseHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTFleetWiseClientConfig } from "./IoTFleetWiseClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTFleetWiseClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTFleetWiseHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTFleetWise", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotfleetwise/src/runtimeExtensions.ts b/clients/client-iotfleetwise/src/runtimeExtensions.ts index 2a4cc732fc0ab..518c597d6a3ca 100644 --- a/clients/client-iotfleetwise/src/runtimeExtensions.ts +++ b/clients/client-iotfleetwise/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTFleetWiseExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotsecuretunneling/package.json b/clients/client-iotsecuretunneling/package.json index 5b6d3955f97ca..dda276a2c52a2 100644 --- a/clients/client-iotsecuretunneling/package.json +++ b/clients/client-iotsecuretunneling/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iotsecuretunneling/src/IoTSecureTunnelingClient.ts b/clients/client-iotsecuretunneling/src/IoTSecureTunnelingClient.ts index bea55f11a0e44..31bc1ab40521a 100644 --- a/clients/client-iotsecuretunneling/src/IoTSecureTunnelingClient.ts +++ b/clients/client-iotsecuretunneling/src/IoTSecureTunnelingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTSecureTunnelingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CloseTunnelCommandInput, CloseTunnelCommandOutput } from "./commands/CloseTunnelCommand"; import { DescribeTunnelCommandInput, DescribeTunnelCommandOutput } from "./commands/DescribeTunnelCommand"; import { @@ -186,21 +191,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -239,8 +245,8 @@ export type IoTSecureTunnelingClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -259,8 +265,8 @@ export type IoTSecureTunnelingClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -295,8 +301,8 @@ export class IoTSecureTunnelingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -305,8 +311,14 @@ export class IoTSecureTunnelingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -317,4 +329,13 @@ export class IoTSecureTunnelingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTSecureTunnelingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTSecureTunnelingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotsecuretunneling/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotsecuretunneling/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8049ae1b8d443 --- /dev/null +++ b/clients/client-iotsecuretunneling/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTSecureTunnelingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTSecureTunnelingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTSecureTunnelingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTSecureTunnelingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTSecureTunnelingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTSecureTunnelingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotsecuretunneling/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotsecuretunneling/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..204d1eff654ba --- /dev/null +++ b/clients/client-iotsecuretunneling/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTSecureTunnelingClientConfig, IoTSecureTunnelingClientResolvedConfig } from "../IoTSecureTunnelingClient"; + +/** + * @internal + */ +export interface IoTSecureTunnelingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTSecureTunnelingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTSecureTunnelingClientResolvedConfig, + HandlerExecutionContext, + IoTSecureTunnelingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTSecureTunnelingHttpAuthSchemeParametersProvider = async ( + config: IoTSecureTunnelingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTSecureTunnelingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "IoTSecuredTunneling", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTSecureTunnelingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTSecureTunnelingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTSecureTunnelingHttpAuthSchemeProvider: IoTSecureTunnelingHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTSecureTunnelingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTSecureTunnelingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotsecuretunneling/src/extensionConfiguration.ts b/clients/client-iotsecuretunneling/src/extensionConfiguration.ts index 5a282d7503f2f..2c04f562f5224 100644 --- a/clients/client-iotsecuretunneling/src/extensionConfiguration.ts +++ b/clients/client-iotsecuretunneling/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTSecureTunnelingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotsecuretunneling/src/runtimeConfig.shared.ts b/clients/client-iotsecuretunneling/src/runtimeConfig.shared.ts index 36c57ecc6b64e..327cc2380ea2f 100644 --- a/clients/client-iotsecuretunneling/src/runtimeConfig.shared.ts +++ b/clients/client-iotsecuretunneling/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTSecureTunnelingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTSecureTunnelingClientConfig } from "./IoTSecureTunnelingClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTSecureTunnelingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTSecureTunnelingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTSecureTunneling", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotsecuretunneling/src/runtimeExtensions.ts b/clients/client-iotsecuretunneling/src/runtimeExtensions.ts index f5e41ab598d56..512b63235c683 100644 --- a/clients/client-iotsecuretunneling/src/runtimeExtensions.ts +++ b/clients/client-iotsecuretunneling/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTSecureTunnelingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotsitewise/package.json b/clients/client-iotsitewise/package.json index 59c795a2ce81f..a9050c3e025bd 100644 --- a/clients/client-iotsitewise/package.json +++ b/clients/client-iotsitewise/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-iotsitewise/src/IoTSiteWiseClient.ts b/clients/client-iotsitewise/src/IoTSiteWiseClient.ts index f232a20d9ccc8..910cb5d9309ab 100644 --- a/clients/client-iotsitewise/src/IoTSiteWiseClient.ts +++ b/clients/client-iotsitewise/src/IoTSiteWiseClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTSiteWiseHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAssetsCommandInput, AssociateAssetsCommandOutput } from "./commands/AssociateAssetsCommand"; import { AssociateTimeSeriesToAssetPropertyCommandInput, @@ -516,21 +521,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -569,8 +575,8 @@ export type IoTSiteWiseClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -589,8 +595,8 @@ export type IoTSiteWiseClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -622,8 +628,8 @@ export class IoTSiteWiseClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -632,8 +638,14 @@ export class IoTSiteWiseClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -644,4 +656,13 @@ export class IoTSiteWiseClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTSiteWiseHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTSiteWiseClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotsitewise/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotsitewise/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c34c3b42cd4b8 --- /dev/null +++ b/clients/client-iotsitewise/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTSiteWiseHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTSiteWiseHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTSiteWiseHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTSiteWiseHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTSiteWiseHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTSiteWiseHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotsitewise/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotsitewise/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..90905f91bc8b7 --- /dev/null +++ b/clients/client-iotsitewise/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTSiteWiseClientConfig, IoTSiteWiseClientResolvedConfig } from "../IoTSiteWiseClient"; + +/** + * @internal + */ +export interface IoTSiteWiseHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTSiteWiseHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTSiteWiseClientResolvedConfig, + HandlerExecutionContext, + IoTSiteWiseHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTSiteWiseHttpAuthSchemeParametersProvider = async ( + config: IoTSiteWiseClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTSiteWiseHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotsitewise", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTSiteWiseClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTSiteWiseHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTSiteWiseHttpAuthSchemeProvider: IoTSiteWiseHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTSiteWiseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTSiteWiseHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotsitewise/src/extensionConfiguration.ts b/clients/client-iotsitewise/src/extensionConfiguration.ts index d587571412b47..ef6d7ae9135c8 100644 --- a/clients/client-iotsitewise/src/extensionConfiguration.ts +++ b/clients/client-iotsitewise/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTSiteWiseExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotsitewise/src/runtimeConfig.shared.ts b/clients/client-iotsitewise/src/runtimeConfig.shared.ts index 1ca228e671c2e..06b7d100fa26f 100644 --- a/clients/client-iotsitewise/src/runtimeConfig.shared.ts +++ b/clients/client-iotsitewise/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTSiteWiseHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTSiteWiseClientConfig } from "./IoTSiteWiseClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTSiteWiseClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTSiteWiseHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTSiteWise", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotsitewise/src/runtimeExtensions.ts b/clients/client-iotsitewise/src/runtimeExtensions.ts index b4a210b4d5ddd..63027164618eb 100644 --- a/clients/client-iotsitewise/src/runtimeExtensions.ts +++ b/clients/client-iotsitewise/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTSiteWiseExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iotthingsgraph/package.json b/clients/client-iotthingsgraph/package.json index ba82fc9948a1e..c318b0582d357 100644 --- a/clients/client-iotthingsgraph/package.json +++ b/clients/client-iotthingsgraph/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iotthingsgraph/src/IoTThingsGraphClient.ts b/clients/client-iotthingsgraph/src/IoTThingsGraphClient.ts index 21e5971e32c76..2d4e97b3906bc 100644 --- a/clients/client-iotthingsgraph/src/IoTThingsGraphClient.ts +++ b/clients/client-iotthingsgraph/src/IoTThingsGraphClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTThingsGraphHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateEntityToThingCommandInput, AssociateEntityToThingCommandOutput, @@ -324,21 +329,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -377,8 +383,8 @@ export type IoTThingsGraphClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -397,8 +403,8 @@ export type IoTThingsGraphClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -434,8 +440,8 @@ export class IoTThingsGraphClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -444,8 +450,14 @@ export class IoTThingsGraphClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -456,4 +468,13 @@ export class IoTThingsGraphClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTThingsGraphHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTThingsGraphClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iotthingsgraph/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iotthingsgraph/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9618b03970d55 --- /dev/null +++ b/clients/client-iotthingsgraph/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTThingsGraphHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTThingsGraphHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTThingsGraphHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTThingsGraphHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTThingsGraphHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTThingsGraphHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iotthingsgraph/src/auth/httpAuthSchemeProvider.ts b/clients/client-iotthingsgraph/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..606f8f95347be --- /dev/null +++ b/clients/client-iotthingsgraph/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTThingsGraphClientConfig, IoTThingsGraphClientResolvedConfig } from "../IoTThingsGraphClient"; + +/** + * @internal + */ +export interface IoTThingsGraphHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTThingsGraphHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTThingsGraphClientResolvedConfig, + HandlerExecutionContext, + IoTThingsGraphHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTThingsGraphHttpAuthSchemeParametersProvider = async ( + config: IoTThingsGraphClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTThingsGraphHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iotthingsgraph", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTThingsGraphClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTThingsGraphHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTThingsGraphHttpAuthSchemeProvider: IoTThingsGraphHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTThingsGraphHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTThingsGraphHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iotthingsgraph/src/extensionConfiguration.ts b/clients/client-iotthingsgraph/src/extensionConfiguration.ts index c7c51e90a0987..a440f122efc2f 100644 --- a/clients/client-iotthingsgraph/src/extensionConfiguration.ts +++ b/clients/client-iotthingsgraph/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTThingsGraphExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iotthingsgraph/src/runtimeConfig.shared.ts b/clients/client-iotthingsgraph/src/runtimeConfig.shared.ts index cac8e3fbec5ce..89b6fbad10e07 100644 --- a/clients/client-iotthingsgraph/src/runtimeConfig.shared.ts +++ b/clients/client-iotthingsgraph/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTThingsGraphHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTThingsGraphClientConfig } from "./IoTThingsGraphClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTThingsGraphClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTThingsGraphHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTThingsGraph", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iotthingsgraph/src/runtimeExtensions.ts b/clients/client-iotthingsgraph/src/runtimeExtensions.ts index 8c818b6eda7eb..b5eda63b5c965 100644 --- a/clients/client-iotthingsgraph/src/runtimeExtensions.ts +++ b/clients/client-iotthingsgraph/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTThingsGraphExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-iottwinmaker/package.json b/clients/client-iottwinmaker/package.json index 0583c94e2f3db..ff109dcee8d13 100644 --- a/clients/client-iottwinmaker/package.json +++ b/clients/client-iottwinmaker/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-iottwinmaker/src/IoTTwinMakerClient.ts b/clients/client-iottwinmaker/src/IoTTwinMakerClient.ts index 318a338888815..4a61b8785875d 100644 --- a/clients/client-iottwinmaker/src/IoTTwinMakerClient.ts +++ b/clients/client-iottwinmaker/src/IoTTwinMakerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIoTTwinMakerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchPutPropertyValuesCommandInput, BatchPutPropertyValuesCommandOutput, @@ -306,21 +311,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -359,8 +365,8 @@ export type IoTTwinMakerClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -379,8 +385,8 @@ export type IoTTwinMakerClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -416,8 +422,8 @@ export class IoTTwinMakerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -426,8 +432,14 @@ export class IoTTwinMakerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -438,4 +450,13 @@ export class IoTTwinMakerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIoTTwinMakerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IoTTwinMakerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-iottwinmaker/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-iottwinmaker/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6240d097b9065 --- /dev/null +++ b/clients/client-iottwinmaker/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IoTTwinMakerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTTwinMakerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IoTTwinMakerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IoTTwinMakerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IoTTwinMakerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IoTTwinMakerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-iottwinmaker/src/auth/httpAuthSchemeProvider.ts b/clients/client-iottwinmaker/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c150cecb5d934 --- /dev/null +++ b/clients/client-iottwinmaker/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IoTTwinMakerClientConfig, IoTTwinMakerClientResolvedConfig } from "../IoTTwinMakerClient"; + +/** + * @internal + */ +export interface IoTTwinMakerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IoTTwinMakerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IoTTwinMakerClientResolvedConfig, + HandlerExecutionContext, + IoTTwinMakerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIoTTwinMakerHttpAuthSchemeParametersProvider = async ( + config: IoTTwinMakerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IoTTwinMakerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "iottwinmaker", + region: authParameters.region, + }, + propertiesExtractor: (config: IoTTwinMakerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IoTTwinMakerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIoTTwinMakerHttpAuthSchemeProvider: IoTTwinMakerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IoTTwinMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IoTTwinMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-iottwinmaker/src/extensionConfiguration.ts b/clients/client-iottwinmaker/src/extensionConfiguration.ts index 977d84197b1b5..7284c7b05c79f 100644 --- a/clients/client-iottwinmaker/src/extensionConfiguration.ts +++ b/clients/client-iottwinmaker/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IoTTwinMakerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-iottwinmaker/src/runtimeConfig.shared.ts b/clients/client-iottwinmaker/src/runtimeConfig.shared.ts index d5696d7b89a49..2cb276c126153 100644 --- a/clients/client-iottwinmaker/src/runtimeConfig.shared.ts +++ b/clients/client-iottwinmaker/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIoTTwinMakerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IoTTwinMakerClientConfig } from "./IoTTwinMakerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IoTTwinMakerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIoTTwinMakerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IoTTwinMaker", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-iottwinmaker/src/runtimeExtensions.ts b/clients/client-iottwinmaker/src/runtimeExtensions.ts index 67a072d1d2f7d..dff7c63ab176b 100644 --- a/clients/client-iottwinmaker/src/runtimeExtensions.ts +++ b/clients/client-iottwinmaker/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IoTTwinMakerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ivs-realtime/package.json b/clients/client-ivs-realtime/package.json index 9af94feb63101..fd7eac1a46fea 100644 --- a/clients/client-ivs-realtime/package.json +++ b/clients/client-ivs-realtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-ivs-realtime/src/IVSRealTimeClient.ts b/clients/client-ivs-realtime/src/IVSRealTimeClient.ts index 69a89ca3060a4..544beba8d74aa 100644 --- a/clients/client-ivs-realtime/src/IVSRealTimeClient.ts +++ b/clients/client-ivs-realtime/src/IVSRealTimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIVSRealTimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateEncoderConfigurationCommandInput, CreateEncoderConfigurationCommandOutput, @@ -273,21 +278,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -326,8 +332,8 @@ export type IVSRealTimeClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -346,8 +352,8 @@ export type IVSRealTimeClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -585,8 +591,8 @@ export class IVSRealTimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -595,8 +601,14 @@ export class IVSRealTimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -607,4 +619,13 @@ export class IVSRealTimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIVSRealTimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IVSRealTimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ivs-realtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ivs-realtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..95c6413d66dbc --- /dev/null +++ b/clients/client-ivs-realtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IVSRealTimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IVSRealTimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IVSRealTimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IVSRealTimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IVSRealTimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IVSRealTimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ivs-realtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-ivs-realtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..db625f57c3de7 --- /dev/null +++ b/clients/client-ivs-realtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IVSRealTimeClientConfig, IVSRealTimeClientResolvedConfig } from "../IVSRealTimeClient"; + +/** + * @internal + */ +export interface IVSRealTimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IVSRealTimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IVSRealTimeClientResolvedConfig, + HandlerExecutionContext, + IVSRealTimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIVSRealTimeHttpAuthSchemeParametersProvider = async ( + config: IVSRealTimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IVSRealTimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ivs", + region: authParameters.region, + }, + propertiesExtractor: (config: IVSRealTimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IVSRealTimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIVSRealTimeHttpAuthSchemeProvider: IVSRealTimeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IVSRealTimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IVSRealTimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ivs-realtime/src/extensionConfiguration.ts b/clients/client-ivs-realtime/src/extensionConfiguration.ts index 7cd3d97f71183..053afeb726d64 100644 --- a/clients/client-ivs-realtime/src/extensionConfiguration.ts +++ b/clients/client-ivs-realtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IVSRealTimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ivs-realtime/src/runtimeConfig.shared.ts b/clients/client-ivs-realtime/src/runtimeConfig.shared.ts index 43271d88e47bf..28e4d39178b16 100644 --- a/clients/client-ivs-realtime/src/runtimeConfig.shared.ts +++ b/clients/client-ivs-realtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIVSRealTimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IVSRealTimeClientConfig } from "./IVSRealTimeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IVSRealTimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIVSRealTimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "IVS RealTime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ivs-realtime/src/runtimeExtensions.ts b/clients/client-ivs-realtime/src/runtimeExtensions.ts index 31131280a32ce..3468a42b2c915 100644 --- a/clients/client-ivs-realtime/src/runtimeExtensions.ts +++ b/clients/client-ivs-realtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IVSRealTimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ivs/package.json b/clients/client-ivs/package.json index d57ed6c915fb3..c79755f092537 100644 --- a/clients/client-ivs/package.json +++ b/clients/client-ivs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ivs/src/IvsClient.ts b/clients/client-ivs/src/IvsClient.ts index 24e440b718029..f0b2fbe793787 100644 --- a/clients/client-ivs/src/IvsClient.ts +++ b/clients/client-ivs/src/IvsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIvsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetChannelCommandInput, BatchGetChannelCommandOutput } from "./commands/BatchGetChannelCommand"; import { BatchGetStreamKeyCommandInput, BatchGetStreamKeyCommandOutput } from "./commands/BatchGetStreamKeyCommand"; import { @@ -306,21 +311,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -359,8 +365,8 @@ export type IvsClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -379,8 +385,8 @@ export type IvsClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -785,8 +791,8 @@ export class IvsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -795,8 +801,14 @@ export class IvsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -807,4 +819,13 @@ export class IvsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIvsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IvsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ivs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ivs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..51bf372c660e0 --- /dev/null +++ b/clients/client-ivs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IvsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IvsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IvsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IvsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IvsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IvsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ivs/src/auth/httpAuthSchemeProvider.ts b/clients/client-ivs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2fb7eb5d55f68 --- /dev/null +++ b/clients/client-ivs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IvsClientConfig, IvsClientResolvedConfig } from "../IvsClient"; + +/** + * @internal + */ +export interface IvsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IvsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IvsClientResolvedConfig, + HandlerExecutionContext, + IvsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIvsHttpAuthSchemeParametersProvider = async ( + config: IvsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IvsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ivs", + region: authParameters.region, + }, + propertiesExtractor: (config: IvsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IvsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIvsHttpAuthSchemeProvider: IvsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IvsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IvsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ivs/src/extensionConfiguration.ts b/clients/client-ivs/src/extensionConfiguration.ts index acb7b1b4f815a..d4a841e0cec06 100644 --- a/clients/client-ivs/src/extensionConfiguration.ts +++ b/clients/client-ivs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IvsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ivs/src/runtimeConfig.shared.ts b/clients/client-ivs/src/runtimeConfig.shared.ts index f97d9e90376c3..7e37ff56f81cc 100644 --- a/clients/client-ivs/src/runtimeConfig.shared.ts +++ b/clients/client-ivs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIvsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IvsClientConfig } from "./IvsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IvsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIvsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ivs", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ivs/src/runtimeExtensions.ts b/clients/client-ivs/src/runtimeExtensions.ts index 10920e1673736..0f5e42b6d5b7b 100644 --- a/clients/client-ivs/src/runtimeExtensions.ts +++ b/clients/client-ivs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IvsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ivschat/package.json b/clients/client-ivschat/package.json index 93c1f8489b057..e34c449ffdec4 100644 --- a/clients/client-ivschat/package.json +++ b/clients/client-ivschat/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ivschat/src/IvschatClient.ts b/clients/client-ivschat/src/IvschatClient.ts index 4d8fa2667cf02..3c10249d53227 100644 --- a/clients/client-ivschat/src/IvschatClient.ts +++ b/clients/client-ivschat/src/IvschatClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultIvschatHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateChatTokenCommandInput, CreateChatTokenCommandOutput } from "./commands/CreateChatTokenCommand"; import { CreateLoggingConfigurationCommandInput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type IvschatClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type IvschatClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -548,8 +554,8 @@ export class IvschatClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -558,8 +564,14 @@ export class IvschatClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -570,4 +582,13 @@ export class IvschatClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultIvschatHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: IvschatClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ivschat/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ivschat/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..37b35e0036e23 --- /dev/null +++ b/clients/client-ivschat/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { IvschatHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IvschatHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): IvschatHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: IvschatHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: IvschatHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): IvschatHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ivschat/src/auth/httpAuthSchemeProvider.ts b/clients/client-ivschat/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3f470a17fc018 --- /dev/null +++ b/clients/client-ivschat/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { IvschatClientConfig, IvschatClientResolvedConfig } from "../IvschatClient"; + +/** + * @internal + */ +export interface IvschatHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface IvschatHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + IvschatClientResolvedConfig, + HandlerExecutionContext, + IvschatHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultIvschatHttpAuthSchemeParametersProvider = async ( + config: IvschatClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: IvschatHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ivschat", + region: authParameters.region, + }, + propertiesExtractor: (config: IvschatClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface IvschatHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultIvschatHttpAuthSchemeProvider: IvschatHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: IvschatHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: IvschatHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ivschat/src/extensionConfiguration.ts b/clients/client-ivschat/src/extensionConfiguration.ts index 2e7661443064b..b4d3dc53ab860 100644 --- a/clients/client-ivschat/src/extensionConfiguration.ts +++ b/clients/client-ivschat/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface IvschatExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ivschat/src/runtimeConfig.shared.ts b/clients/client-ivschat/src/runtimeConfig.shared.ts index c9a091875e8d4..e13303e0ccc9f 100644 --- a/clients/client-ivschat/src/runtimeConfig.shared.ts +++ b/clients/client-ivschat/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultIvschatHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { IvschatClientConfig } from "./IvschatClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: IvschatClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultIvschatHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ivschat", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ivschat/src/runtimeExtensions.ts b/clients/client-ivschat/src/runtimeExtensions.ts index 15dab2bb4ffab..f5a019c97da7b 100644 --- a/clients/client-ivschat/src/runtimeExtensions.ts +++ b/clients/client-ivschat/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { IvschatExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kafka/package.json b/clients/client-kafka/package.json index 03d307c052002..e192d7d071c7c 100644 --- a/clients/client-kafka/package.json +++ b/clients/client-kafka/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kafka/src/KafkaClient.ts b/clients/client-kafka/src/KafkaClient.ts index 327919972323c..6a43bc920a4fa 100644 --- a/clients/client-kafka/src/KafkaClient.ts +++ b/clients/client-kafka/src/KafkaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKafkaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchAssociateScramSecretCommandInput, BatchAssociateScramSecretCommandOutput, @@ -387,21 +392,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -440,8 +446,8 @@ export type KafkaClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -460,8 +466,8 @@ export type KafkaClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -492,8 +498,8 @@ export class KafkaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -502,8 +508,14 @@ export class KafkaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -514,4 +526,13 @@ export class KafkaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKafkaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KafkaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kafka/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kafka/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9c543609e595b --- /dev/null +++ b/clients/client-kafka/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KafkaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KafkaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KafkaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KafkaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KafkaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KafkaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kafka/src/auth/httpAuthSchemeProvider.ts b/clients/client-kafka/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dfd8b5a901a75 --- /dev/null +++ b/clients/client-kafka/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KafkaClientConfig, KafkaClientResolvedConfig } from "../KafkaClient"; + +/** + * @internal + */ +export interface KafkaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KafkaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KafkaClientResolvedConfig, + HandlerExecutionContext, + KafkaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKafkaHttpAuthSchemeParametersProvider = async ( + config: KafkaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KafkaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kafka", + region: authParameters.region, + }, + propertiesExtractor: (config: KafkaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KafkaHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKafkaHttpAuthSchemeProvider: KafkaHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KafkaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KafkaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kafka/src/extensionConfiguration.ts b/clients/client-kafka/src/extensionConfiguration.ts index 1b8ddde715261..1a1ddd9e3cda8 100644 --- a/clients/client-kafka/src/extensionConfiguration.ts +++ b/clients/client-kafka/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KafkaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kafka/src/runtimeConfig.shared.ts b/clients/client-kafka/src/runtimeConfig.shared.ts index cc8f2dc048fd1..723c587fd450e 100644 --- a/clients/client-kafka/src/runtimeConfig.shared.ts +++ b/clients/client-kafka/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKafkaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KafkaClientConfig } from "./KafkaClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KafkaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKafkaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kafka", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kafka/src/runtimeExtensions.ts b/clients/client-kafka/src/runtimeExtensions.ts index badcad2d45f1d..b6056dc87950e 100644 --- a/clients/client-kafka/src/runtimeExtensions.ts +++ b/clients/client-kafka/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KafkaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kafkaconnect/package.json b/clients/client-kafkaconnect/package.json index 949972b14b650..0b653b66ba815 100644 --- a/clients/client-kafkaconnect/package.json +++ b/clients/client-kafkaconnect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kafkaconnect/src/KafkaConnectClient.ts b/clients/client-kafkaconnect/src/KafkaConnectClient.ts index e1166eb23ea0a..1e7451df71920 100644 --- a/clients/client-kafkaconnect/src/KafkaConnectClient.ts +++ b/clients/client-kafkaconnect/src/KafkaConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKafkaConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateConnectorCommandInput, CreateConnectorCommandOutput } from "./commands/CreateConnectorCommand"; import { CreateCustomPluginCommandInput, CreateCustomPluginCommandOutput } from "./commands/CreateCustomPluginCommand"; import { @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type KafkaConnectClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type KafkaConnectClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -309,8 +315,8 @@ export class KafkaConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -319,8 +325,14 @@ export class KafkaConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -331,4 +343,13 @@ export class KafkaConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKafkaConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KafkaConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kafkaconnect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kafkaconnect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3b37da738734f --- /dev/null +++ b/clients/client-kafkaconnect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KafkaConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KafkaConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KafkaConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KafkaConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KafkaConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KafkaConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kafkaconnect/src/auth/httpAuthSchemeProvider.ts b/clients/client-kafkaconnect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d347244103ffe --- /dev/null +++ b/clients/client-kafkaconnect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KafkaConnectClientConfig, KafkaConnectClientResolvedConfig } from "../KafkaConnectClient"; + +/** + * @internal + */ +export interface KafkaConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KafkaConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KafkaConnectClientResolvedConfig, + HandlerExecutionContext, + KafkaConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKafkaConnectHttpAuthSchemeParametersProvider = async ( + config: KafkaConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KafkaConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kafkaconnect", + region: authParameters.region, + }, + propertiesExtractor: (config: KafkaConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KafkaConnectHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKafkaConnectHttpAuthSchemeProvider: KafkaConnectHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KafkaConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KafkaConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kafkaconnect/src/extensionConfiguration.ts b/clients/client-kafkaconnect/src/extensionConfiguration.ts index eaa231918c2d4..ec26872627635 100644 --- a/clients/client-kafkaconnect/src/extensionConfiguration.ts +++ b/clients/client-kafkaconnect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KafkaConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kafkaconnect/src/runtimeConfig.shared.ts b/clients/client-kafkaconnect/src/runtimeConfig.shared.ts index 286619a8e6d3d..024cb3ec1f08a 100644 --- a/clients/client-kafkaconnect/src/runtimeConfig.shared.ts +++ b/clients/client-kafkaconnect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKafkaConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KafkaConnectClientConfig } from "./KafkaConnectClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KafkaConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKafkaConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "KafkaConnect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kafkaconnect/src/runtimeExtensions.ts b/clients/client-kafkaconnect/src/runtimeExtensions.ts index 7b149839a855b..93ad3414b6963 100644 --- a/clients/client-kafkaconnect/src/runtimeExtensions.ts +++ b/clients/client-kafkaconnect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KafkaConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kendra-ranking/package.json b/clients/client-kendra-ranking/package.json index 8cf9680468f0e..cdaa80fdf8c48 100644 --- a/clients/client-kendra-ranking/package.json +++ b/clients/client-kendra-ranking/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-kendra-ranking/src/KendraRankingClient.ts b/clients/client-kendra-ranking/src/KendraRankingClient.ts index 8a8abca89b7ea..822bdc79007c5 100644 --- a/clients/client-kendra-ranking/src/KendraRankingClient.ts +++ b/clients/client-kendra-ranking/src/KendraRankingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKendraRankingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateRescoreExecutionPlanCommandInput, CreateRescoreExecutionPlanCommandOutput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type KendraRankingClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type KendraRankingClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -308,8 +314,8 @@ export class KendraRankingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -318,8 +324,14 @@ export class KendraRankingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -330,4 +342,13 @@ export class KendraRankingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKendraRankingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KendraRankingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kendra-ranking/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kendra-ranking/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..64ef3e35fc6a9 --- /dev/null +++ b/clients/client-kendra-ranking/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KendraRankingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KendraRankingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KendraRankingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KendraRankingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KendraRankingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KendraRankingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kendra-ranking/src/auth/httpAuthSchemeProvider.ts b/clients/client-kendra-ranking/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c35d4d69b2304 --- /dev/null +++ b/clients/client-kendra-ranking/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KendraRankingClientConfig, KendraRankingClientResolvedConfig } from "../KendraRankingClient"; + +/** + * @internal + */ +export interface KendraRankingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KendraRankingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KendraRankingClientResolvedConfig, + HandlerExecutionContext, + KendraRankingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKendraRankingHttpAuthSchemeParametersProvider = async ( + config: KendraRankingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KendraRankingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kendra-ranking", + region: authParameters.region, + }, + propertiesExtractor: (config: KendraRankingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KendraRankingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKendraRankingHttpAuthSchemeProvider: KendraRankingHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KendraRankingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KendraRankingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kendra-ranking/src/extensionConfiguration.ts b/clients/client-kendra-ranking/src/extensionConfiguration.ts index c43cd178eea5e..08392fa1207dd 100644 --- a/clients/client-kendra-ranking/src/extensionConfiguration.ts +++ b/clients/client-kendra-ranking/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KendraRankingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kendra-ranking/src/runtimeConfig.shared.ts b/clients/client-kendra-ranking/src/runtimeConfig.shared.ts index 6a0583b979148..35c523d05fb6d 100644 --- a/clients/client-kendra-ranking/src/runtimeConfig.shared.ts +++ b/clients/client-kendra-ranking/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKendraRankingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KendraRankingClientConfig } from "./KendraRankingClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KendraRankingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKendraRankingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kendra Ranking", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kendra-ranking/src/runtimeExtensions.ts b/clients/client-kendra-ranking/src/runtimeExtensions.ts index a90eceeb8a39f..188650fb8b9ab 100644 --- a/clients/client-kendra-ranking/src/runtimeExtensions.ts +++ b/clients/client-kendra-ranking/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KendraRankingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kendra/package.json b/clients/client-kendra/package.json index ed3dcf1b7e963..2d9cd9e8c15a0 100644 --- a/clients/client-kendra/package.json +++ b/clients/client-kendra/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-kendra/src/KendraClient.ts b/clients/client-kendra/src/KendraClient.ts index 8decbe0a4b66f..b8cd16c94a269 100644 --- a/clients/client-kendra/src/KendraClient.ts +++ b/clients/client-kendra/src/KendraClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKendraHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateEntitiesToExperienceCommandInput, AssociateEntitiesToExperienceCommandOutput, @@ -456,21 +461,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -509,8 +515,8 @@ export type KendraClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -529,8 +535,8 @@ export type KendraClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -561,8 +567,8 @@ export class KendraClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -571,8 +577,14 @@ export class KendraClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -583,4 +595,13 @@ export class KendraClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKendraHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KendraClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kendra/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kendra/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3db8dbe89d745 --- /dev/null +++ b/clients/client-kendra/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KendraHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KendraHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KendraHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KendraHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KendraHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KendraHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kendra/src/auth/httpAuthSchemeProvider.ts b/clients/client-kendra/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a11f03be81fac --- /dev/null +++ b/clients/client-kendra/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KendraClientConfig, KendraClientResolvedConfig } from "../KendraClient"; + +/** + * @internal + */ +export interface KendraHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KendraHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KendraClientResolvedConfig, + HandlerExecutionContext, + KendraHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKendraHttpAuthSchemeParametersProvider = async ( + config: KendraClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KendraHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kendra", + region: authParameters.region, + }, + propertiesExtractor: (config: KendraClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KendraHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKendraHttpAuthSchemeProvider: KendraHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KendraHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KendraHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kendra/src/extensionConfiguration.ts b/clients/client-kendra/src/extensionConfiguration.ts index cce73e56e4f58..44dc06849fc24 100644 --- a/clients/client-kendra/src/extensionConfiguration.ts +++ b/clients/client-kendra/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KendraExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kendra/src/runtimeConfig.shared.ts b/clients/client-kendra/src/runtimeConfig.shared.ts index 6cf79bdc4f47a..125973c4dd06b 100644 --- a/clients/client-kendra/src/runtimeConfig.shared.ts +++ b/clients/client-kendra/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKendraHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KendraClientConfig } from "./KendraClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KendraClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKendraHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "kendra", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kendra/src/runtimeExtensions.ts b/clients/client-kendra/src/runtimeExtensions.ts index 1d1082b69ac1c..118fe5d64209e 100644 --- a/clients/client-kendra/src/runtimeExtensions.ts +++ b/clients/client-kendra/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KendraExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-keyspaces/package.json b/clients/client-keyspaces/package.json index ba677a749e88d..885354cf22af8 100644 --- a/clients/client-keyspaces/package.json +++ b/clients/client-keyspaces/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-keyspaces/src/KeyspacesClient.ts b/clients/client-keyspaces/src/KeyspacesClient.ts index 2abfb6863ef6e..bfd3cc59239cd 100644 --- a/clients/client-keyspaces/src/KeyspacesClient.ts +++ b/clients/client-keyspaces/src/KeyspacesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKeyspacesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateKeyspaceCommandInput, CreateKeyspaceCommandOutput } from "./commands/CreateKeyspaceCommand"; import { CreateTableCommandInput, CreateTableCommandOutput } from "./commands/CreateTableCommand"; import { DeleteKeyspaceCommandInput, DeleteKeyspaceCommandOutput } from "./commands/DeleteKeyspaceCommand"; @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type KeyspacesClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type KeyspacesClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export class KeyspacesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -332,8 +338,14 @@ export class KeyspacesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -344,4 +356,13 @@ export class KeyspacesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKeyspacesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KeyspacesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-keyspaces/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-keyspaces/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2e478a0fd8fb0 --- /dev/null +++ b/clients/client-keyspaces/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KeyspacesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KeyspacesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KeyspacesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KeyspacesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KeyspacesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KeyspacesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-keyspaces/src/auth/httpAuthSchemeProvider.ts b/clients/client-keyspaces/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..20777e895254c --- /dev/null +++ b/clients/client-keyspaces/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KeyspacesClientConfig, KeyspacesClientResolvedConfig } from "../KeyspacesClient"; + +/** + * @internal + */ +export interface KeyspacesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KeyspacesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KeyspacesClientResolvedConfig, + HandlerExecutionContext, + KeyspacesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKeyspacesHttpAuthSchemeParametersProvider = async ( + config: KeyspacesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KeyspacesHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "cassandra", + region: authParameters.region, + }, + propertiesExtractor: (config: KeyspacesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KeyspacesHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKeyspacesHttpAuthSchemeProvider: KeyspacesHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KeyspacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KeyspacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-keyspaces/src/extensionConfiguration.ts b/clients/client-keyspaces/src/extensionConfiguration.ts index 2424c63c54977..576094d119c5a 100644 --- a/clients/client-keyspaces/src/extensionConfiguration.ts +++ b/clients/client-keyspaces/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KeyspacesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-keyspaces/src/runtimeConfig.shared.ts b/clients/client-keyspaces/src/runtimeConfig.shared.ts index 4c2573b05175a..f68099eeff405 100644 --- a/clients/client-keyspaces/src/runtimeConfig.shared.ts +++ b/clients/client-keyspaces/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKeyspacesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KeyspacesClientConfig } from "./KeyspacesClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KeyspacesClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKeyspacesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Keyspaces", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-keyspaces/src/runtimeExtensions.ts b/clients/client-keyspaces/src/runtimeExtensions.ts index c53b4ef0facfd..4e8d0d8f3fcf1 100644 --- a/clients/client-keyspaces/src/runtimeExtensions.ts +++ b/clients/client-keyspaces/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KeyspacesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-analytics-v2/package.json b/clients/client-kinesis-analytics-v2/package.json index 0dffad923ef2f..5027231be2ecb 100644 --- a/clients/client-kinesis-analytics-v2/package.json +++ b/clients/client-kinesis-analytics-v2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kinesis-analytics-v2/src/KinesisAnalyticsV2Client.ts b/clients/client-kinesis-analytics-v2/src/KinesisAnalyticsV2Client.ts index 7d2813369fa2f..b4e8049b6b240 100644 --- a/clients/client-kinesis-analytics-v2/src/KinesisAnalyticsV2Client.ts +++ b/clients/client-kinesis-analytics-v2/src/KinesisAnalyticsV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisAnalyticsV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddApplicationCloudWatchLoggingOptionCommandInput, AddApplicationCloudWatchLoggingOptionCommandOutput, @@ -318,21 +323,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -371,8 +377,8 @@ export type KinesisAnalyticsV2ClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -391,8 +397,8 @@ export type KinesisAnalyticsV2ClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -425,8 +431,8 @@ export class KinesisAnalyticsV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -435,8 +441,14 @@ export class KinesisAnalyticsV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -447,4 +459,13 @@ export class KinesisAnalyticsV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisAnalyticsV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisAnalyticsV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-analytics-v2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-analytics-v2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6110477a831c5 --- /dev/null +++ b/clients/client-kinesis-analytics-v2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisAnalyticsV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisAnalyticsV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisAnalyticsV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisAnalyticsV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisAnalyticsV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisAnalyticsV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-analytics-v2/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-analytics-v2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..27f5458b2f010 --- /dev/null +++ b/clients/client-kinesis-analytics-v2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KinesisAnalyticsV2ClientConfig, KinesisAnalyticsV2ClientResolvedConfig } from "../KinesisAnalyticsV2Client"; + +/** + * @internal + */ +export interface KinesisAnalyticsV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisAnalyticsV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisAnalyticsV2ClientResolvedConfig, + HandlerExecutionContext, + KinesisAnalyticsV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisAnalyticsV2HttpAuthSchemeParametersProvider = async ( + config: KinesisAnalyticsV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KinesisAnalyticsV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisanalytics", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisAnalyticsV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisAnalyticsV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisAnalyticsV2HttpAuthSchemeProvider: KinesisAnalyticsV2HttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisAnalyticsV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisAnalyticsV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-analytics-v2/src/extensionConfiguration.ts b/clients/client-kinesis-analytics-v2/src/extensionConfiguration.ts index 5791dbef14f0e..16bf864ab9e63 100644 --- a/clients/client-kinesis-analytics-v2/src/extensionConfiguration.ts +++ b/clients/client-kinesis-analytics-v2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisAnalyticsV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-analytics-v2/src/runtimeConfig.shared.ts b/clients/client-kinesis-analytics-v2/src/runtimeConfig.shared.ts index 828f2c6b1998e..2236d3ee34fb3 100644 --- a/clients/client-kinesis-analytics-v2/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-analytics-v2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisAnalyticsV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisAnalyticsV2ClientConfig } from "./KinesisAnalyticsV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisAnalyticsV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisAnalyticsV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis Analytics V2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis-analytics-v2/src/runtimeExtensions.ts b/clients/client-kinesis-analytics-v2/src/runtimeExtensions.ts index 615d7a826afc7..7492376291775 100644 --- a/clients/client-kinesis-analytics-v2/src/runtimeExtensions.ts +++ b/clients/client-kinesis-analytics-v2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisAnalyticsV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-analytics/package.json b/clients/client-kinesis-analytics/package.json index bb928458a32bb..757c0830a9549 100644 --- a/clients/client-kinesis-analytics/package.json +++ b/clients/client-kinesis-analytics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kinesis-analytics/src/KinesisAnalyticsClient.ts b/clients/client-kinesis-analytics/src/KinesisAnalyticsClient.ts index 2b812e6fdcbaa..0f4367cab4ece 100644 --- a/clients/client-kinesis-analytics/src/KinesisAnalyticsClient.ts +++ b/clients/client-kinesis-analytics/src/KinesisAnalyticsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisAnalyticsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddApplicationCloudWatchLoggingOptionCommandInput, AddApplicationCloudWatchLoggingOptionCommandOutput, @@ -252,21 +257,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -305,8 +311,8 @@ export type KinesisAnalyticsClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -325,8 +331,8 @@ export type KinesisAnalyticsClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -366,8 +372,8 @@ export class KinesisAnalyticsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -376,8 +382,14 @@ export class KinesisAnalyticsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -388,4 +400,13 @@ export class KinesisAnalyticsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisAnalyticsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisAnalyticsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-analytics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-analytics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6d16d061ae48a --- /dev/null +++ b/clients/client-kinesis-analytics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisAnalyticsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisAnalyticsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisAnalyticsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisAnalyticsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisAnalyticsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisAnalyticsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-analytics/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-analytics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..73b0a361e92ae --- /dev/null +++ b/clients/client-kinesis-analytics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KinesisAnalyticsClientConfig, KinesisAnalyticsClientResolvedConfig } from "../KinesisAnalyticsClient"; + +/** + * @internal + */ +export interface KinesisAnalyticsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisAnalyticsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisAnalyticsClientResolvedConfig, + HandlerExecutionContext, + KinesisAnalyticsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisAnalyticsHttpAuthSchemeParametersProvider = async ( + config: KinesisAnalyticsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KinesisAnalyticsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisanalytics", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisAnalyticsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisAnalyticsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisAnalyticsHttpAuthSchemeProvider: KinesisAnalyticsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-analytics/src/extensionConfiguration.ts b/clients/client-kinesis-analytics/src/extensionConfiguration.ts index 7c352c36a7e97..718b8db86e081 100644 --- a/clients/client-kinesis-analytics/src/extensionConfiguration.ts +++ b/clients/client-kinesis-analytics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisAnalyticsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-analytics/src/runtimeConfig.shared.ts b/clients/client-kinesis-analytics/src/runtimeConfig.shared.ts index 4442b2b7975dc..552b455e07de2 100644 --- a/clients/client-kinesis-analytics/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-analytics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisAnalyticsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisAnalyticsClientConfig } from "./KinesisAnalyticsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisAnalyticsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisAnalyticsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis Analytics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis-analytics/src/runtimeExtensions.ts b/clients/client-kinesis-analytics/src/runtimeExtensions.ts index fa3f899be502a..f5ea005a4c1c2 100644 --- a/clients/client-kinesis-analytics/src/runtimeExtensions.ts +++ b/clients/client-kinesis-analytics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisAnalyticsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-video-archived-media/package.json b/clients/client-kinesis-video-archived-media/package.json index 73d77d1d934a4..f64190096cee1 100644 --- a/clients/client-kinesis-video-archived-media/package.json +++ b/clients/client-kinesis-video-archived-media/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-kinesis-video-archived-media/src/KinesisVideoArchivedMediaClient.ts b/clients/client-kinesis-video-archived-media/src/KinesisVideoArchivedMediaClient.ts index 2af385925f9ed..02b04e29e0b20 100644 --- a/clients/client-kinesis-video-archived-media/src/KinesisVideoArchivedMediaClient.ts +++ b/clients/client-kinesis-video-archived-media/src/KinesisVideoArchivedMediaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisVideoArchivedMediaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetClipCommandInput, GetClipCommandOutput } from "./commands/GetClipCommand"; import { GetDASHStreamingSessionURLCommandInput, @@ -184,21 +189,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -243,8 +249,8 @@ export type KinesisVideoArchivedMediaClientConfigType = Partial<__SmithyConfigur EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -263,8 +269,8 @@ export type KinesisVideoArchivedMediaClientResolvedConfigType = __SmithyResolved EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -296,8 +302,8 @@ export class KinesisVideoArchivedMediaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -306,8 +312,14 @@ export class KinesisVideoArchivedMediaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -318,4 +330,13 @@ export class KinesisVideoArchivedMediaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisVideoArchivedMediaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisVideoArchivedMediaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-video-archived-media/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-video-archived-media/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6e6f7eb35838e --- /dev/null +++ b/clients/client-kinesis-video-archived-media/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisVideoArchivedMediaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoArchivedMediaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisVideoArchivedMediaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisVideoArchivedMediaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoArchivedMediaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisVideoArchivedMediaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-video-archived-media/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-video-archived-media/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d4631a294cf18 --- /dev/null +++ b/clients/client-kinesis-video-archived-media/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + KinesisVideoArchivedMediaClientConfig, + KinesisVideoArchivedMediaClientResolvedConfig, +} from "../KinesisVideoArchivedMediaClient"; + +/** + * @internal + */ +export interface KinesisVideoArchivedMediaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisVideoArchivedMediaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisVideoArchivedMediaClientResolvedConfig, + HandlerExecutionContext, + KinesisVideoArchivedMediaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisVideoArchivedMediaHttpAuthSchemeParametersProvider = async ( + config: KinesisVideoArchivedMediaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: KinesisVideoArchivedMediaHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisvideo", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisVideoArchivedMediaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisVideoArchivedMediaHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisVideoArchivedMediaHttpAuthSchemeProvider: KinesisVideoArchivedMediaHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisVideoArchivedMediaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisVideoArchivedMediaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-video-archived-media/src/extensionConfiguration.ts b/clients/client-kinesis-video-archived-media/src/extensionConfiguration.ts index 3f985bcfb272c..ada138dfc4155 100644 --- a/clients/client-kinesis-video-archived-media/src/extensionConfiguration.ts +++ b/clients/client-kinesis-video-archived-media/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisVideoArchivedMediaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-video-archived-media/src/runtimeConfig.shared.ts b/clients/client-kinesis-video-archived-media/src/runtimeConfig.shared.ts index e000ce4713f32..96533e97c5e4c 100644 --- a/clients/client-kinesis-video-archived-media/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-video-archived-media/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisVideoArchivedMediaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisVideoArchivedMediaClientConfig } from "./KinesisVideoArchivedMediaClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: KinesisVideoArchivedMediaClientConfig) disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisVideoArchivedMediaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Kinesis Video Archived Media", diff --git a/clients/client-kinesis-video-archived-media/src/runtimeExtensions.ts b/clients/client-kinesis-video-archived-media/src/runtimeExtensions.ts index 3d534450ae62c..e198459fcc2f3 100644 --- a/clients/client-kinesis-video-archived-media/src/runtimeExtensions.ts +++ b/clients/client-kinesis-video-archived-media/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisVideoArchivedMediaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-video-media/package.json b/clients/client-kinesis-video-media/package.json index ea27eb9b55d36..9945790996eb4 100644 --- a/clients/client-kinesis-video-media/package.json +++ b/clients/client-kinesis-video-media/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-kinesis-video-media/src/KinesisVideoMediaClient.ts b/clients/client-kinesis-video-media/src/KinesisVideoMediaClient.ts index 0c45eacdba13f..b294a1635fe7f 100644 --- a/clients/client-kinesis-video-media/src/KinesisVideoMediaClient.ts +++ b/clients/client-kinesis-video-media/src/KinesisVideoMediaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisVideoMediaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetMediaCommandInput, GetMediaCommandOutput } from "./commands/GetMediaCommand"; import { ClientInputEndpointParameters, @@ -158,21 +163,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -217,8 +223,8 @@ export type KinesisVideoMediaClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -237,8 +243,8 @@ export type KinesisVideoMediaClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -269,8 +275,8 @@ export class KinesisVideoMediaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -279,8 +285,14 @@ export class KinesisVideoMediaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -291,4 +303,13 @@ export class KinesisVideoMediaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisVideoMediaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisVideoMediaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-video-media/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-video-media/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..20dd9d8a95f0f --- /dev/null +++ b/clients/client-kinesis-video-media/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisVideoMediaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoMediaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisVideoMediaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisVideoMediaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoMediaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisVideoMediaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-video-media/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-video-media/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b81bc96b25847 --- /dev/null +++ b/clients/client-kinesis-video-media/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KinesisVideoMediaClientConfig, KinesisVideoMediaClientResolvedConfig } from "../KinesisVideoMediaClient"; + +/** + * @internal + */ +export interface KinesisVideoMediaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisVideoMediaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisVideoMediaClientResolvedConfig, + HandlerExecutionContext, + KinesisVideoMediaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisVideoMediaHttpAuthSchemeParametersProvider = async ( + config: KinesisVideoMediaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KinesisVideoMediaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisvideo", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisVideoMediaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisVideoMediaHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisVideoMediaHttpAuthSchemeProvider: KinesisVideoMediaHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisVideoMediaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisVideoMediaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-video-media/src/extensionConfiguration.ts b/clients/client-kinesis-video-media/src/extensionConfiguration.ts index 141cf60dee97d..d9cfdea6ed564 100644 --- a/clients/client-kinesis-video-media/src/extensionConfiguration.ts +++ b/clients/client-kinesis-video-media/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisVideoMediaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-video-media/src/runtimeConfig.shared.ts b/clients/client-kinesis-video-media/src/runtimeConfig.shared.ts index fcd8eff15e5e9..753b1421f47ea 100644 --- a/clients/client-kinesis-video-media/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-video-media/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisVideoMediaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisVideoMediaClientConfig } from "./KinesisVideoMediaClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: KinesisVideoMediaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisVideoMediaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Kinesis Video Media", diff --git a/clients/client-kinesis-video-media/src/runtimeExtensions.ts b/clients/client-kinesis-video-media/src/runtimeExtensions.ts index 1a5421d641a79..ca3fcf9f3a23e 100644 --- a/clients/client-kinesis-video-media/src/runtimeExtensions.ts +++ b/clients/client-kinesis-video-media/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisVideoMediaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-video-signaling/package.json b/clients/client-kinesis-video-signaling/package.json index d7ff4efa36d29..22b8d805071b1 100644 --- a/clients/client-kinesis-video-signaling/package.json +++ b/clients/client-kinesis-video-signaling/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kinesis-video-signaling/src/KinesisVideoSignalingClient.ts b/clients/client-kinesis-video-signaling/src/KinesisVideoSignalingClient.ts index 4e828e03f816a..f2b84292140a9 100644 --- a/clients/client-kinesis-video-signaling/src/KinesisVideoSignalingClient.ts +++ b/clients/client-kinesis-video-signaling/src/KinesisVideoSignalingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { @@ -38,6 +36,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisVideoSignalingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetIceServerConfigCommandInput, GetIceServerConfigCommandOutput } from "./commands/GetIceServerConfigCommand"; import { SendAlexaOfferToMasterCommandInput, @@ -167,21 +172,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -220,8 +226,8 @@ export type KinesisVideoSignalingClientConfigType = Partial<__SmithyConfiguratio EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -240,8 +246,8 @@ export type KinesisVideoSignalingClientResolvedConfigType = __SmithyResolvedConf EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export class KinesisVideoSignalingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -284,9 +290,15 @@ export class KinesisVideoSignalingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); this.middlewareStack.use(getOmitRetryHeadersPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -297,4 +309,13 @@ export class KinesisVideoSignalingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisVideoSignalingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisVideoSignalingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-video-signaling/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-video-signaling/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..491bf258f5609 --- /dev/null +++ b/clients/client-kinesis-video-signaling/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisVideoSignalingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoSignalingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisVideoSignalingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisVideoSignalingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoSignalingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisVideoSignalingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-video-signaling/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-video-signaling/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..42cc178269308 --- /dev/null +++ b/clients/client-kinesis-video-signaling/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + KinesisVideoSignalingClientConfig, + KinesisVideoSignalingClientResolvedConfig, +} from "../KinesisVideoSignalingClient"; + +/** + * @internal + */ +export interface KinesisVideoSignalingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisVideoSignalingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisVideoSignalingClientResolvedConfig, + HandlerExecutionContext, + KinesisVideoSignalingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisVideoSignalingHttpAuthSchemeParametersProvider = async ( + config: KinesisVideoSignalingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: KinesisVideoSignalingHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisvideo", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisVideoSignalingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisVideoSignalingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisVideoSignalingHttpAuthSchemeProvider: KinesisVideoSignalingHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisVideoSignalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisVideoSignalingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-video-signaling/src/extensionConfiguration.ts b/clients/client-kinesis-video-signaling/src/extensionConfiguration.ts index efcedef9ea66d..7a1b7eea96f09 100644 --- a/clients/client-kinesis-video-signaling/src/extensionConfiguration.ts +++ b/clients/client-kinesis-video-signaling/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisVideoSignalingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-video-signaling/src/runtimeConfig.shared.ts b/clients/client-kinesis-video-signaling/src/runtimeConfig.shared.ts index 42492884d73d8..1edf43ba45c8a 100644 --- a/clients/client-kinesis-video-signaling/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-video-signaling/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisVideoSignalingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisVideoSignalingClientConfig } from "./KinesisVideoSignalingClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisVideoSignalingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisVideoSignalingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis Video Signaling", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis-video-signaling/src/runtimeExtensions.ts b/clients/client-kinesis-video-signaling/src/runtimeExtensions.ts index 05225ee160ce6..b513c6fe3c299 100644 --- a/clients/client-kinesis-video-signaling/src/runtimeExtensions.ts +++ b/clients/client-kinesis-video-signaling/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisVideoSignalingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-video-webrtc-storage/package.json b/clients/client-kinesis-video-webrtc-storage/package.json index 495b3fa0a36bc..c089640acc06d 100644 --- a/clients/client-kinesis-video-webrtc-storage/package.json +++ b/clients/client-kinesis-video-webrtc-storage/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kinesis-video-webrtc-storage/src/KinesisVideoWebRTCStorageClient.ts b/clients/client-kinesis-video-webrtc-storage/src/KinesisVideoWebRTCStorageClient.ts index ccd6304801fd6..6cf90416aed26 100644 --- a/clients/client-kinesis-video-webrtc-storage/src/KinesisVideoWebRTCStorageClient.ts +++ b/clients/client-kinesis-video-webrtc-storage/src/KinesisVideoWebRTCStorageClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisVideoWebRTCStorageHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { JoinStorageSessionCommandInput, JoinStorageSessionCommandOutput } from "./commands/JoinStorageSessionCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type KinesisVideoWebRTCStorageClientConfigType = Partial<__SmithyConfigur EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type KinesisVideoWebRTCStorageClientResolvedConfigType = __SmithyResolved EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -264,8 +270,8 @@ export class KinesisVideoWebRTCStorageClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -274,8 +280,14 @@ export class KinesisVideoWebRTCStorageClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -286,4 +298,13 @@ export class KinesisVideoWebRTCStorageClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisVideoWebRTCStorageHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisVideoWebRTCStorageClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3c6e0b501628e --- /dev/null +++ b/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisVideoWebRTCStorageHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoWebRTCStorageHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisVideoWebRTCStorageHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisVideoWebRTCStorageHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoWebRTCStorageHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisVideoWebRTCStorageHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a27f59769c397 --- /dev/null +++ b/clients/client-kinesis-video-webrtc-storage/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + KinesisVideoWebRTCStorageClientConfig, + KinesisVideoWebRTCStorageClientResolvedConfig, +} from "../KinesisVideoWebRTCStorageClient"; + +/** + * @internal + */ +export interface KinesisVideoWebRTCStorageHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisVideoWebRTCStorageHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisVideoWebRTCStorageClientResolvedConfig, + HandlerExecutionContext, + KinesisVideoWebRTCStorageHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisVideoWebRTCStorageHttpAuthSchemeParametersProvider = async ( + config: KinesisVideoWebRTCStorageClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: KinesisVideoWebRTCStorageHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisvideo", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisVideoWebRTCStorageClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisVideoWebRTCStorageHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisVideoWebRTCStorageHttpAuthSchemeProvider: KinesisVideoWebRTCStorageHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisVideoWebRTCStorageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisVideoWebRTCStorageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-video-webrtc-storage/src/extensionConfiguration.ts b/clients/client-kinesis-video-webrtc-storage/src/extensionConfiguration.ts index e7691acc9658c..ebc68aeb83ea2 100644 --- a/clients/client-kinesis-video-webrtc-storage/src/extensionConfiguration.ts +++ b/clients/client-kinesis-video-webrtc-storage/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisVideoWebRTCStorageExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-video-webrtc-storage/src/runtimeConfig.shared.ts b/clients/client-kinesis-video-webrtc-storage/src/runtimeConfig.shared.ts index d878adae39563..8c6658eafc22d 100644 --- a/clients/client-kinesis-video-webrtc-storage/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-video-webrtc-storage/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisVideoWebRTCStorageHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisVideoWebRTCStorageClientConfig } from "./KinesisVideoWebRTCStorageClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisVideoWebRTCStorageClientConfig) disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisVideoWebRTCStorageHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis Video WebRTC Storage", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis-video-webrtc-storage/src/runtimeExtensions.ts b/clients/client-kinesis-video-webrtc-storage/src/runtimeExtensions.ts index c062f98b2163d..d14da0c7a3836 100644 --- a/clients/client-kinesis-video-webrtc-storage/src/runtimeExtensions.ts +++ b/clients/client-kinesis-video-webrtc-storage/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisVideoWebRTCStorageExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis-video/package.json b/clients/client-kinesis-video/package.json index 349be24794e89..0adbae35dbfaa 100644 --- a/clients/client-kinesis-video/package.json +++ b/clients/client-kinesis-video/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kinesis-video/src/KinesisVideoClient.ts b/clients/client-kinesis-video/src/KinesisVideoClient.ts index c0cb44044e6c0..f7de54a4aaa3b 100644 --- a/clients/client-kinesis-video/src/KinesisVideoClient.ts +++ b/clients/client-kinesis-video/src/KinesisVideoClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisVideoHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSignalingChannelCommandInput, CreateSignalingChannelCommandOutput, @@ -303,21 +308,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -356,8 +362,8 @@ export type KinesisVideoClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -376,8 +382,8 @@ export type KinesisVideoClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -408,8 +414,8 @@ export class KinesisVideoClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -418,8 +424,14 @@ export class KinesisVideoClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -430,4 +442,13 @@ export class KinesisVideoClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisVideoHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisVideoClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis-video/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis-video/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c642fccb78339 --- /dev/null +++ b/clients/client-kinesis-video/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisVideoHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisVideoHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisVideoHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisVideoHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisVideoHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis-video/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis-video/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d9cc51776692a --- /dev/null +++ b/clients/client-kinesis-video/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KinesisVideoClientConfig, KinesisVideoClientResolvedConfig } from "../KinesisVideoClient"; + +/** + * @internal + */ +export interface KinesisVideoHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisVideoHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisVideoClientResolvedConfig, + HandlerExecutionContext, + KinesisVideoHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisVideoHttpAuthSchemeParametersProvider = async ( + config: KinesisVideoClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KinesisVideoHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesisvideo", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisVideoClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisVideoHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisVideoHttpAuthSchemeProvider: KinesisVideoHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisVideoHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisVideoHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis-video/src/extensionConfiguration.ts b/clients/client-kinesis-video/src/extensionConfiguration.ts index 7a11761baaf76..498b9548af335 100644 --- a/clients/client-kinesis-video/src/extensionConfiguration.ts +++ b/clients/client-kinesis-video/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisVideoExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis-video/src/runtimeConfig.shared.ts b/clients/client-kinesis-video/src/runtimeConfig.shared.ts index a02115feb0168..7c98ed5f833b2 100644 --- a/clients/client-kinesis-video/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis-video/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisVideoHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisVideoClientConfig } from "./KinesisVideoClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisVideoClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisVideoHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis Video", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis-video/src/runtimeExtensions.ts b/clients/client-kinesis-video/src/runtimeExtensions.ts index b45457a46b6c7..afb9470fb9e2b 100644 --- a/clients/client-kinesis-video/src/runtimeExtensions.ts +++ b/clients/client-kinesis-video/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisVideoExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kinesis/package.json b/clients/client-kinesis/package.json index 7843d58fdcf57..9f27ebdd4c7ca 100644 --- a/clients/client-kinesis/package.json +++ b/clients/client-kinesis/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -57,8 +56,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-kinesis/src/KinesisClient.ts b/clients/client-kinesis/src/KinesisClient.ts index b470d28c22683..7ec7983ba0265 100644 --- a/clients/client-kinesis/src/KinesisClient.ts +++ b/clients/client-kinesis/src/KinesisClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKinesisHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToStreamCommandInput, AddTagsToStreamCommandOutput } from "./commands/AddTagsToStreamCommand"; import { CreateStreamCommandInput, CreateStreamCommandOutput } from "./commands/CreateStreamCommand"; import { @@ -297,21 +302,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -355,9 +361,9 @@ export type KinesisClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -376,9 +382,9 @@ export type KinesisClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -411,9 +417,9 @@ export class KinesisClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -422,8 +428,14 @@ export class KinesisClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -434,4 +446,13 @@ export class KinesisClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKinesisHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KinesisClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kinesis/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kinesis/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..bd453091bdc88 --- /dev/null +++ b/clients/client-kinesis/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KinesisHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KinesisHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KinesisHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KinesisHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KinesisHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kinesis/src/auth/httpAuthSchemeProvider.ts b/clients/client-kinesis/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2ffbe7b74f9d3 --- /dev/null +++ b/clients/client-kinesis/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KinesisClientConfig, KinesisClientResolvedConfig } from "../KinesisClient"; + +/** + * @internal + */ +export interface KinesisHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KinesisHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KinesisClientResolvedConfig, + HandlerExecutionContext, + KinesisHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKinesisHttpAuthSchemeParametersProvider = async ( + config: KinesisClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KinesisHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kinesis", + region: authParameters.region, + }, + propertiesExtractor: (config: KinesisClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KinesisHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKinesisHttpAuthSchemeProvider: KinesisHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KinesisHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KinesisHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kinesis/src/extensionConfiguration.ts b/clients/client-kinesis/src/extensionConfiguration.ts index a6d463ddf8b0a..2c40c28b15490 100644 --- a/clients/client-kinesis/src/extensionConfiguration.ts +++ b/clients/client-kinesis/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KinesisExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kinesis/src/runtimeConfig.shared.ts b/clients/client-kinesis/src/runtimeConfig.shared.ts index f0fa7f9f87f10..42a32dbc0ae47 100644 --- a/clients/client-kinesis/src/runtimeConfig.shared.ts +++ b/clients/client-kinesis/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKinesisHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KinesisClientConfig } from "./KinesisClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KinesisClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKinesisHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Kinesis", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kinesis/src/runtimeExtensions.ts b/clients/client-kinesis/src/runtimeExtensions.ts index b52ee5abb8f3b..59befe39cda1d 100644 --- a/clients/client-kinesis/src/runtimeExtensions.ts +++ b/clients/client-kinesis/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KinesisExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-kms/package.json b/clients/client-kms/package.json index 36675eb17ea08..604ff24a3d6ad 100644 --- a/clients/client-kms/package.json +++ b/clients/client-kms/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-kms/src/KMSClient.ts b/clients/client-kms/src/KMSClient.ts index 824b441667f97..ffee9e0091f45 100644 --- a/clients/client-kms/src/KMSClient.ts +++ b/clients/client-kms/src/KMSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultKMSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelKeyDeletionCommandInput, CancelKeyDeletionCommandOutput } from "./commands/CancelKeyDeletionCommand"; import { ConnectCustomKeyStoreCommandInput, @@ -354,21 +359,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -407,8 +413,8 @@ export type KMSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export type KMSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -553,8 +559,8 @@ export class KMSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -563,8 +569,14 @@ export class KMSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -575,4 +587,13 @@ export class KMSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultKMSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: KMSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-kms/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-kms/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..69d26b4b3ae36 --- /dev/null +++ b/clients/client-kms/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { KMSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KMSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): KMSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: KMSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: KMSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): KMSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-kms/src/auth/httpAuthSchemeProvider.ts b/clients/client-kms/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ad8e5d1ed9122 --- /dev/null +++ b/clients/client-kms/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { KMSClientConfig, KMSClientResolvedConfig } from "../KMSClient"; + +/** + * @internal + */ +export interface KMSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface KMSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + KMSClientResolvedConfig, + HandlerExecutionContext, + KMSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultKMSHttpAuthSchemeParametersProvider = async ( + config: KMSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: KMSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "kms", + region: authParameters.region, + }, + propertiesExtractor: (config: KMSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface KMSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultKMSHttpAuthSchemeProvider: KMSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: KMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: KMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-kms/src/extensionConfiguration.ts b/clients/client-kms/src/extensionConfiguration.ts index b033ec60708bf..38fea72a5f0b3 100644 --- a/clients/client-kms/src/extensionConfiguration.ts +++ b/clients/client-kms/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface KMSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-kms/src/runtimeConfig.shared.ts b/clients/client-kms/src/runtimeConfig.shared.ts index 7f8023610e156..6e023e452f6f6 100644 --- a/clients/client-kms/src/runtimeConfig.shared.ts +++ b/clients/client-kms/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultKMSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { KMSClientConfig } from "./KMSClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: KMSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultKMSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "KMS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-kms/src/runtimeExtensions.ts b/clients/client-kms/src/runtimeExtensions.ts index dc45be71ae0af..a87fbf81707b5 100644 --- a/clients/client-kms/src/runtimeExtensions.ts +++ b/clients/client-kms/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { KMSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lakeformation/package.json b/clients/client-lakeformation/package.json index 5cb1d9a2aca6d..9dda4a38e3be2 100644 --- a/clients/client-lakeformation/package.json +++ b/clients/client-lakeformation/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-lakeformation/src/LakeFormationClient.ts b/clients/client-lakeformation/src/LakeFormationClient.ts index 5364c72fc1b81..2fa922cc6122d 100644 --- a/clients/client-lakeformation/src/LakeFormationClient.ts +++ b/clients/client-lakeformation/src/LakeFormationClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLakeFormationHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddLFTagsToResourceCommandInput, AddLFTagsToResourceCommandOutput, @@ -400,21 +405,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -459,8 +465,8 @@ export type LakeFormationClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -479,8 +485,8 @@ export type LakeFormationClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -512,8 +518,8 @@ export class LakeFormationClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -522,8 +528,14 @@ export class LakeFormationClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -534,4 +546,13 @@ export class LakeFormationClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLakeFormationHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LakeFormationClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lakeformation/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lakeformation/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3c35b04a85df4 --- /dev/null +++ b/clients/client-lakeformation/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LakeFormationHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LakeFormationHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LakeFormationHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LakeFormationHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LakeFormationHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LakeFormationHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lakeformation/src/auth/httpAuthSchemeProvider.ts b/clients/client-lakeformation/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d36ca7912fd76 --- /dev/null +++ b/clients/client-lakeformation/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LakeFormationClientConfig, LakeFormationClientResolvedConfig } from "../LakeFormationClient"; + +/** + * @internal + */ +export interface LakeFormationHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LakeFormationHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LakeFormationClientResolvedConfig, + HandlerExecutionContext, + LakeFormationHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLakeFormationHttpAuthSchemeParametersProvider = async ( + config: LakeFormationClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LakeFormationHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lakeformation", + region: authParameters.region, + }, + propertiesExtractor: (config: LakeFormationClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LakeFormationHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLakeFormationHttpAuthSchemeProvider: LakeFormationHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LakeFormationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LakeFormationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lakeformation/src/extensionConfiguration.ts b/clients/client-lakeformation/src/extensionConfiguration.ts index 5a5ad3a5b62cc..4ab0a0010db6e 100644 --- a/clients/client-lakeformation/src/extensionConfiguration.ts +++ b/clients/client-lakeformation/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LakeFormationExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lakeformation/src/runtimeConfig.shared.ts b/clients/client-lakeformation/src/runtimeConfig.shared.ts index 45db0d2886322..75fb15b822d99 100644 --- a/clients/client-lakeformation/src/runtimeConfig.shared.ts +++ b/clients/client-lakeformation/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLakeFormationHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LakeFormationClientConfig } from "./LakeFormationClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: LakeFormationClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLakeFormationHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "LakeFormation", diff --git a/clients/client-lakeformation/src/runtimeExtensions.ts b/clients/client-lakeformation/src/runtimeExtensions.ts index 3d5dff151304b..bca7e85de3960 100644 --- a/clients/client-lakeformation/src/runtimeExtensions.ts +++ b/clients/client-lakeformation/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LakeFormationExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lambda/package.json b/clients/client-lambda/package.json index d7be38491f12a..01c0bcca54bdb 100644 --- a/clients/client-lambda/package.json +++ b/clients/client-lambda/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -56,8 +55,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-lambda/src/LambdaClient.ts b/clients/client-lambda/src/LambdaClient.ts index c285f3cea759d..32ded09fa7866 100644 --- a/clients/client-lambda/src/LambdaClient.ts +++ b/clients/client-lambda/src/LambdaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLambdaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddLayerVersionPermissionCommandInput, AddLayerVersionPermissionCommandOutput, @@ -486,21 +491,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -544,9 +550,9 @@ export type LambdaClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -565,9 +571,9 @@ export type LambdaClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -662,9 +668,9 @@ export class LambdaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -673,8 +679,14 @@ export class LambdaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -685,4 +697,13 @@ export class LambdaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLambdaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LambdaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lambda/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lambda/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a2a621b853d11 --- /dev/null +++ b/clients/client-lambda/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LambdaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LambdaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LambdaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LambdaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LambdaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LambdaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lambda/src/auth/httpAuthSchemeProvider.ts b/clients/client-lambda/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3ae449dc080c3 --- /dev/null +++ b/clients/client-lambda/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LambdaClientConfig, LambdaClientResolvedConfig } from "../LambdaClient"; + +/** + * @internal + */ +export interface LambdaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LambdaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LambdaClientResolvedConfig, + HandlerExecutionContext, + LambdaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLambdaHttpAuthSchemeParametersProvider = async ( + config: LambdaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LambdaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lambda", + region: authParameters.region, + }, + propertiesExtractor: (config: LambdaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LambdaHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLambdaHttpAuthSchemeProvider: LambdaHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LambdaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LambdaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lambda/src/extensionConfiguration.ts b/clients/client-lambda/src/extensionConfiguration.ts index 1e13f1c13ac7b..0ac1682b93f5d 100644 --- a/clients/client-lambda/src/extensionConfiguration.ts +++ b/clients/client-lambda/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LambdaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lambda/src/runtimeConfig.shared.ts b/clients/client-lambda/src/runtimeConfig.shared.ts index a6be306142971..9c086c417be90 100644 --- a/clients/client-lambda/src/runtimeConfig.shared.ts +++ b/clients/client-lambda/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLambdaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LambdaClientConfig } from "./LambdaClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LambdaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLambdaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Lambda", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lambda/src/runtimeExtensions.ts b/clients/client-lambda/src/runtimeExtensions.ts index 51e3665e3eb55..388eae08d9ed2 100644 --- a/clients/client-lambda/src/runtimeExtensions.ts +++ b/clients/client-lambda/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LambdaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-launch-wizard/package.json b/clients/client-launch-wizard/package.json index 881a6b599ebce..e7c82ce10669a 100644 --- a/clients/client-launch-wizard/package.json +++ b/clients/client-launch-wizard/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-launch-wizard/src/LaunchWizardClient.ts b/clients/client-launch-wizard/src/LaunchWizardClient.ts index 142fb4b9c4fdc..de0ac1edd1770 100644 --- a/clients/client-launch-wizard/src/LaunchWizardClient.ts +++ b/clients/client-launch-wizard/src/LaunchWizardClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLaunchWizardHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDeploymentCommandInput, CreateDeploymentCommandOutput } from "./commands/CreateDeploymentCommand"; import { DeleteDeploymentCommandInput, DeleteDeploymentCommandOutput } from "./commands/DeleteDeploymentCommand"; import { GetDeploymentCommandInput, GetDeploymentCommandOutput } from "./commands/GetDeploymentCommand"; @@ -186,21 +191,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -239,8 +245,8 @@ export type LaunchWizardClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -259,8 +265,8 @@ export type LaunchWizardClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -294,8 +300,8 @@ export class LaunchWizardClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -304,8 +310,14 @@ export class LaunchWizardClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -316,4 +328,13 @@ export class LaunchWizardClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLaunchWizardHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LaunchWizardClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-launch-wizard/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-launch-wizard/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..991883e1b39bf --- /dev/null +++ b/clients/client-launch-wizard/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LaunchWizardHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LaunchWizardHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LaunchWizardHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LaunchWizardHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LaunchWizardHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LaunchWizardHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-launch-wizard/src/auth/httpAuthSchemeProvider.ts b/clients/client-launch-wizard/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f9de0ac6b6048 --- /dev/null +++ b/clients/client-launch-wizard/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LaunchWizardClientConfig, LaunchWizardClientResolvedConfig } from "../LaunchWizardClient"; + +/** + * @internal + */ +export interface LaunchWizardHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LaunchWizardHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LaunchWizardClientResolvedConfig, + HandlerExecutionContext, + LaunchWizardHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLaunchWizardHttpAuthSchemeParametersProvider = async ( + config: LaunchWizardClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LaunchWizardHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "launchwizard", + region: authParameters.region, + }, + propertiesExtractor: (config: LaunchWizardClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LaunchWizardHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLaunchWizardHttpAuthSchemeProvider: LaunchWizardHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LaunchWizardHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LaunchWizardHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-launch-wizard/src/extensionConfiguration.ts b/clients/client-launch-wizard/src/extensionConfiguration.ts index e86dcd63928e1..083aa2649b1c7 100644 --- a/clients/client-launch-wizard/src/extensionConfiguration.ts +++ b/clients/client-launch-wizard/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LaunchWizardExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-launch-wizard/src/runtimeConfig.shared.ts b/clients/client-launch-wizard/src/runtimeConfig.shared.ts index 4b9602b20e8c1..5d12c570e60f7 100644 --- a/clients/client-launch-wizard/src/runtimeConfig.shared.ts +++ b/clients/client-launch-wizard/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLaunchWizardHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LaunchWizardClientConfig } from "./LaunchWizardClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LaunchWizardClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLaunchWizardHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Launch Wizard", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-launch-wizard/src/runtimeExtensions.ts b/clients/client-launch-wizard/src/runtimeExtensions.ts index 82d8c676ee4ce..78eaaa7fb3f15 100644 --- a/clients/client-launch-wizard/src/runtimeExtensions.ts +++ b/clients/client-launch-wizard/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LaunchWizardExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lex-model-building-service/package.json b/clients/client-lex-model-building-service/package.json index bc337eb55665b..e6f45d3dc7d29 100644 --- a/clients/client-lex-model-building-service/package.json +++ b/clients/client-lex-model-building-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-lex-model-building-service/src/LexModelBuildingServiceClient.ts b/clients/client-lex-model-building-service/src/LexModelBuildingServiceClient.ts index a77ed810066a9..940cbffd6d1d3 100644 --- a/clients/client-lex-model-building-service/src/LexModelBuildingServiceClient.ts +++ b/clients/client-lex-model-building-service/src/LexModelBuildingServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLexModelBuildingServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBotVersionCommandInput, CreateBotVersionCommandOutput } from "./commands/CreateBotVersionCommand"; import { CreateIntentVersionCommandInput, @@ -312,21 +317,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -365,8 +371,8 @@ export type LexModelBuildingServiceClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -385,8 +391,8 @@ export type LexModelBuildingServiceClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -420,8 +426,8 @@ export class LexModelBuildingServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -430,8 +436,14 @@ export class LexModelBuildingServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -442,4 +454,13 @@ export class LexModelBuildingServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLexModelBuildingServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LexModelBuildingServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lex-model-building-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lex-model-building-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a0e6653af766a --- /dev/null +++ b/clients/client-lex-model-building-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LexModelBuildingServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexModelBuildingServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LexModelBuildingServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LexModelBuildingServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexModelBuildingServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LexModelBuildingServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lex-model-building-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-lex-model-building-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e7e1ba401bfe1 --- /dev/null +++ b/clients/client-lex-model-building-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + LexModelBuildingServiceClientConfig, + LexModelBuildingServiceClientResolvedConfig, +} from "../LexModelBuildingServiceClient"; + +/** + * @internal + */ +export interface LexModelBuildingServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LexModelBuildingServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LexModelBuildingServiceClientResolvedConfig, + HandlerExecutionContext, + LexModelBuildingServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLexModelBuildingServiceHttpAuthSchemeParametersProvider = async ( + config: LexModelBuildingServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: LexModelBuildingServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lex", + region: authParameters.region, + }, + propertiesExtractor: (config: LexModelBuildingServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LexModelBuildingServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLexModelBuildingServiceHttpAuthSchemeProvider: LexModelBuildingServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LexModelBuildingServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LexModelBuildingServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lex-model-building-service/src/extensionConfiguration.ts b/clients/client-lex-model-building-service/src/extensionConfiguration.ts index 9acb492168d2b..29d1b5edd9b3d 100644 --- a/clients/client-lex-model-building-service/src/extensionConfiguration.ts +++ b/clients/client-lex-model-building-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LexModelBuildingServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lex-model-building-service/src/runtimeConfig.shared.ts b/clients/client-lex-model-building-service/src/runtimeConfig.shared.ts index 2f1fe98473ce1..89efe77011187 100644 --- a/clients/client-lex-model-building-service/src/runtimeConfig.shared.ts +++ b/clients/client-lex-model-building-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLexModelBuildingServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LexModelBuildingServiceClientConfig } from "./LexModelBuildingServiceClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LexModelBuildingServiceClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLexModelBuildingServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Lex Model Building Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lex-model-building-service/src/runtimeExtensions.ts b/clients/client-lex-model-building-service/src/runtimeExtensions.ts index 0a71defeb621c..cdecc11c59d2b 100644 --- a/clients/client-lex-model-building-service/src/runtimeExtensions.ts +++ b/clients/client-lex-model-building-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LexModelBuildingServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lex-models-v2/package.json b/clients/client-lex-models-v2/package.json index 66b57aa05eaef..8accf5239cfbb 100644 --- a/clients/client-lex-models-v2/package.json +++ b/clients/client-lex-models-v2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-lex-models-v2/src/LexModelsV2Client.ts b/clients/client-lex-models-v2/src/LexModelsV2Client.ts index cdb58420ce9d0..c4c6d49635ec0 100644 --- a/clients/client-lex-models-v2/src/LexModelsV2Client.ts +++ b/clients/client-lex-models-v2/src/LexModelsV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLexModelsV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreateCustomVocabularyItemCommandInput, BatchCreateCustomVocabularyItemCommandOutput, @@ -576,21 +581,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -629,8 +635,8 @@ export type LexModelsV2ClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -649,8 +655,8 @@ export type LexModelsV2ClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -681,8 +687,8 @@ export class LexModelsV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -691,8 +697,14 @@ export class LexModelsV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -703,4 +715,13 @@ export class LexModelsV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLexModelsV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LexModelsV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lex-models-v2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lex-models-v2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fd8e67a04a92a --- /dev/null +++ b/clients/client-lex-models-v2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LexModelsV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexModelsV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LexModelsV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LexModelsV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexModelsV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LexModelsV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lex-models-v2/src/auth/httpAuthSchemeProvider.ts b/clients/client-lex-models-v2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b9342c231e7c4 --- /dev/null +++ b/clients/client-lex-models-v2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LexModelsV2ClientConfig, LexModelsV2ClientResolvedConfig } from "../LexModelsV2Client"; + +/** + * @internal + */ +export interface LexModelsV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LexModelsV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LexModelsV2ClientResolvedConfig, + HandlerExecutionContext, + LexModelsV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLexModelsV2HttpAuthSchemeParametersProvider = async ( + config: LexModelsV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LexModelsV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lex", + region: authParameters.region, + }, + propertiesExtractor: (config: LexModelsV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LexModelsV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLexModelsV2HttpAuthSchemeProvider: LexModelsV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LexModelsV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LexModelsV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lex-models-v2/src/extensionConfiguration.ts b/clients/client-lex-models-v2/src/extensionConfiguration.ts index c08e38f7ba412..3ada6f7abbe24 100644 --- a/clients/client-lex-models-v2/src/extensionConfiguration.ts +++ b/clients/client-lex-models-v2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LexModelsV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lex-models-v2/src/runtimeConfig.shared.ts b/clients/client-lex-models-v2/src/runtimeConfig.shared.ts index 95cddb095465d..5cbfa5849bebf 100644 --- a/clients/client-lex-models-v2/src/runtimeConfig.shared.ts +++ b/clients/client-lex-models-v2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLexModelsV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LexModelsV2ClientConfig } from "./LexModelsV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LexModelsV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLexModelsV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Lex Models V2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lex-models-v2/src/runtimeExtensions.ts b/clients/client-lex-models-v2/src/runtimeExtensions.ts index 76562edf211a6..5614080766b5c 100644 --- a/clients/client-lex-models-v2/src/runtimeExtensions.ts +++ b/clients/client-lex-models-v2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LexModelsV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lex-runtime-service/package.json b/clients/client-lex-runtime-service/package.json index 8467944a1be6e..c5be2184ed8a5 100644 --- a/clients/client-lex-runtime-service/package.json +++ b/clients/client-lex-runtime-service/package.json @@ -28,7 +28,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -36,7 +35,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -55,8 +54,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-lex-runtime-service/src/LexRuntimeServiceClient.ts b/clients/client-lex-runtime-service/src/LexRuntimeServiceClient.ts index 4369b427a0e80..c8b89bb92e761 100644 --- a/clients/client-lex-runtime-service/src/LexRuntimeServiceClient.ts +++ b/clients/client-lex-runtime-service/src/LexRuntimeServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLexRuntimeServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteSessionCommandInput, DeleteSessionCommandOutput } from "./commands/DeleteSessionCommand"; import { GetSessionCommandInput, GetSessionCommandOutput } from "./commands/GetSessionCommand"; import { PostContentCommandInput, PostContentCommandOutput } from "./commands/PostContentCommand"; @@ -172,21 +177,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -231,8 +237,8 @@ export type LexRuntimeServiceClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -251,8 +257,8 @@ export type LexRuntimeServiceClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -294,8 +300,8 @@ export class LexRuntimeServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -304,8 +310,14 @@ export class LexRuntimeServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -316,4 +328,13 @@ export class LexRuntimeServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLexRuntimeServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LexRuntimeServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lex-runtime-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lex-runtime-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cc59fe9cbb302 --- /dev/null +++ b/clients/client-lex-runtime-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LexRuntimeServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexRuntimeServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LexRuntimeServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LexRuntimeServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LexRuntimeServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LexRuntimeServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lex-runtime-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-lex-runtime-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d43d820269371 --- /dev/null +++ b/clients/client-lex-runtime-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LexRuntimeServiceClientConfig, LexRuntimeServiceClientResolvedConfig } from "../LexRuntimeServiceClient"; + +/** + * @internal + */ +export interface LexRuntimeServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LexRuntimeServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LexRuntimeServiceClientResolvedConfig, + HandlerExecutionContext, + LexRuntimeServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLexRuntimeServiceHttpAuthSchemeParametersProvider = async ( + config: LexRuntimeServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LexRuntimeServiceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lex", + region: authParameters.region, + }, + propertiesExtractor: (config: LexRuntimeServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LexRuntimeServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLexRuntimeServiceHttpAuthSchemeProvider: LexRuntimeServiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LexRuntimeServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LexRuntimeServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lex-runtime-service/src/extensionConfiguration.ts b/clients/client-lex-runtime-service/src/extensionConfiguration.ts index 848a578f7bc65..393daf8a3cc94 100644 --- a/clients/client-lex-runtime-service/src/extensionConfiguration.ts +++ b/clients/client-lex-runtime-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LexRuntimeServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lex-runtime-service/src/runtimeConfig.shared.ts b/clients/client-lex-runtime-service/src/runtimeConfig.shared.ts index ab8c6824dd4b5..c80966bf25d67 100644 --- a/clients/client-lex-runtime-service/src/runtimeConfig.shared.ts +++ b/clients/client-lex-runtime-service/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLexRuntimeServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LexRuntimeServiceClientConfig } from "./LexRuntimeServiceClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: LexRuntimeServiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLexRuntimeServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Lex Runtime Service", diff --git a/clients/client-lex-runtime-service/src/runtimeExtensions.ts b/clients/client-lex-runtime-service/src/runtimeExtensions.ts index e0149e06caad4..dc3f2fe22afc0 100644 --- a/clients/client-lex-runtime-service/src/runtimeExtensions.ts +++ b/clients/client-lex-runtime-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LexRuntimeServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lex-runtime-v2/package.json b/clients/client-lex-runtime-v2/package.json index 7e65f49db91d2..085000546712f 100644 --- a/clients/client-lex-runtime-v2/package.json +++ b/clients/client-lex-runtime-v2/package.json @@ -36,7 +36,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -58,7 +58,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", diff --git a/clients/client-license-manager-linux-subscriptions/package.json b/clients/client-license-manager-linux-subscriptions/package.json index d6b5bf267ce81..788749f0bdacc 100644 --- a/clients/client-license-manager-linux-subscriptions/package.json +++ b/clients/client-license-manager-linux-subscriptions/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-license-manager-linux-subscriptions/src/LicenseManagerLinuxSubscriptionsClient.ts b/clients/client-license-manager-linux-subscriptions/src/LicenseManagerLinuxSubscriptionsClient.ts index b375f7deb1719..0e2d0f46990f7 100644 --- a/clients/client-license-manager-linux-subscriptions/src/LicenseManagerLinuxSubscriptionsClient.ts +++ b/clients/client-license-manager-linux-subscriptions/src/LicenseManagerLinuxSubscriptionsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetServiceSettingsCommandInput, GetServiceSettingsCommandOutput } from "./commands/GetServiceSettingsCommand"; import { ListLinuxSubscriptionInstancesCommandInput, @@ -177,21 +182,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -230,8 +236,8 @@ export type LicenseManagerLinuxSubscriptionsClientConfigType = Partial<__SmithyC EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -252,8 +258,8 @@ export type LicenseManagerLinuxSubscriptionsClientResolvedConfigType = EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -286,8 +292,8 @@ export class LicenseManagerLinuxSubscriptionsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -296,8 +302,14 @@ export class LicenseManagerLinuxSubscriptionsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -308,4 +320,13 @@ export class LicenseManagerLinuxSubscriptionsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LicenseManagerLinuxSubscriptionsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fb779cd47d0da --- /dev/null +++ b/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthSchemeProvider.ts b/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..25e69a0338c10 --- /dev/null +++ b/clients/client-license-manager-linux-subscriptions/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + LicenseManagerLinuxSubscriptionsClientConfig, + LicenseManagerLinuxSubscriptionsClientResolvedConfig, +} from "../LicenseManagerLinuxSubscriptionsClient"; + +/** + * @internal + */ +export interface LicenseManagerLinuxSubscriptionsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LicenseManagerLinuxSubscriptionsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LicenseManagerLinuxSubscriptionsClientResolvedConfig, + HandlerExecutionContext, + LicenseManagerLinuxSubscriptionsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeParametersProvider = async ( + config: LicenseManagerLinuxSubscriptionsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: LicenseManagerLinuxSubscriptionsHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "license-manager-linux-subscriptions", + region: authParameters.region, + }, + propertiesExtractor: (config: LicenseManagerLinuxSubscriptionsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-license-manager-linux-subscriptions/src/extensionConfiguration.ts b/clients/client-license-manager-linux-subscriptions/src/extensionConfiguration.ts index 1ceb587e209e5..a42fef9cee77d 100644 --- a/clients/client-license-manager-linux-subscriptions/src/extensionConfiguration.ts +++ b/clients/client-license-manager-linux-subscriptions/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LicenseManagerLinuxSubscriptionsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-license-manager-linux-subscriptions/src/runtimeConfig.shared.ts b/clients/client-license-manager-linux-subscriptions/src/runtimeConfig.shared.ts index 099e83feeefdb..61c581b9ea18e 100644 --- a/clients/client-license-manager-linux-subscriptions/src/runtimeConfig.shared.ts +++ b/clients/client-license-manager-linux-subscriptions/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LicenseManagerLinuxSubscriptionsClientConfig } from "./LicenseManagerLinuxSubscriptionsClient"; @@ -18,6 +21,15 @@ export const getRuntimeConfig = (config: LicenseManagerLinuxSubscriptionsClientC disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: + config?.httpAuthSchemeProvider ?? defaultLicenseManagerLinuxSubscriptionsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "License Manager Linux Subscriptions", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-license-manager-linux-subscriptions/src/runtimeExtensions.ts b/clients/client-license-manager-linux-subscriptions/src/runtimeExtensions.ts index b3d8e677d4823..524808136008d 100644 --- a/clients/client-license-manager-linux-subscriptions/src/runtimeExtensions.ts +++ b/clients/client-license-manager-linux-subscriptions/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LicenseManagerLinuxSubscriptionsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-license-manager-user-subscriptions/package.json b/clients/client-license-manager-user-subscriptions/package.json index 6dda87a311f82..f7b44a8a69888 100644 --- a/clients/client-license-manager-user-subscriptions/package.json +++ b/clients/client-license-manager-user-subscriptions/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-license-manager-user-subscriptions/src/LicenseManagerUserSubscriptionsClient.ts b/clients/client-license-manager-user-subscriptions/src/LicenseManagerUserSubscriptionsClient.ts index 645fee480c8c9..c742a96360e75 100644 --- a/clients/client-license-manager-user-subscriptions/src/LicenseManagerUserSubscriptionsClient.ts +++ b/clients/client-license-manager-user-subscriptions/src/LicenseManagerUserSubscriptionsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLicenseManagerUserSubscriptionsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateUserCommandInput, AssociateUserCommandOutput } from "./commands/AssociateUserCommand"; import { DeregisterIdentityProviderCommandInput, @@ -213,21 +218,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -266,8 +272,8 @@ export type LicenseManagerUserSubscriptionsClientConfigType = Partial<__SmithyCo EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -287,8 +293,8 @@ export type LicenseManagerUserSubscriptionsClientResolvedConfigType = EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -321,8 +327,8 @@ export class LicenseManagerUserSubscriptionsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -331,8 +337,14 @@ export class LicenseManagerUserSubscriptionsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -343,4 +355,13 @@ export class LicenseManagerUserSubscriptionsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLicenseManagerUserSubscriptionsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LicenseManagerUserSubscriptionsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-license-manager-user-subscriptions/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-license-manager-user-subscriptions/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8736259c6af97 --- /dev/null +++ b/clients/client-license-manager-user-subscriptions/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LicenseManagerUserSubscriptionsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LicenseManagerUserSubscriptionsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LicenseManagerUserSubscriptionsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-license-manager-user-subscriptions/src/auth/httpAuthSchemeProvider.ts b/clients/client-license-manager-user-subscriptions/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..440a974ed5c15 --- /dev/null +++ b/clients/client-license-manager-user-subscriptions/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + LicenseManagerUserSubscriptionsClientConfig, + LicenseManagerUserSubscriptionsClientResolvedConfig, +} from "../LicenseManagerUserSubscriptionsClient"; + +/** + * @internal + */ +export interface LicenseManagerUserSubscriptionsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LicenseManagerUserSubscriptionsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LicenseManagerUserSubscriptionsClientResolvedConfig, + HandlerExecutionContext, + LicenseManagerUserSubscriptionsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLicenseManagerUserSubscriptionsHttpAuthSchemeParametersProvider = async ( + config: LicenseManagerUserSubscriptionsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: LicenseManagerUserSubscriptionsHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "license-manager-user-subscriptions", + region: authParameters.region, + }, + propertiesExtractor: (config: LicenseManagerUserSubscriptionsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LicenseManagerUserSubscriptionsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLicenseManagerUserSubscriptionsHttpAuthSchemeProvider: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LicenseManagerUserSubscriptionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-license-manager-user-subscriptions/src/extensionConfiguration.ts b/clients/client-license-manager-user-subscriptions/src/extensionConfiguration.ts index 2a296fd295889..b99fd5dcef0c9 100644 --- a/clients/client-license-manager-user-subscriptions/src/extensionConfiguration.ts +++ b/clients/client-license-manager-user-subscriptions/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LicenseManagerUserSubscriptionsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-license-manager-user-subscriptions/src/runtimeConfig.shared.ts b/clients/client-license-manager-user-subscriptions/src/runtimeConfig.shared.ts index 8e1d8925e4390..9de19d92ae44c 100644 --- a/clients/client-license-manager-user-subscriptions/src/runtimeConfig.shared.ts +++ b/clients/client-license-manager-user-subscriptions/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLicenseManagerUserSubscriptionsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LicenseManagerUserSubscriptionsClientConfig } from "./LicenseManagerUserSubscriptionsClient"; @@ -18,6 +21,15 @@ export const getRuntimeConfig = (config: LicenseManagerUserSubscriptionsClientCo disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: + config?.httpAuthSchemeProvider ?? defaultLicenseManagerUserSubscriptionsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "License Manager User Subscriptions", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-license-manager-user-subscriptions/src/runtimeExtensions.ts b/clients/client-license-manager-user-subscriptions/src/runtimeExtensions.ts index 91727b270a35f..19540f45c11c7 100644 --- a/clients/client-license-manager-user-subscriptions/src/runtimeExtensions.ts +++ b/clients/client-license-manager-user-subscriptions/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LicenseManagerUserSubscriptionsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-license-manager/package.json b/clients/client-license-manager/package.json index 09ecc69af19e1..fe25cd9d14dd5 100644 --- a/clients/client-license-manager/package.json +++ b/clients/client-license-manager/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-license-manager/src/LicenseManagerClient.ts b/clients/client-license-manager/src/LicenseManagerClient.ts index e2da4d7d76798..ea2d393b22939 100644 --- a/clients/client-license-manager/src/LicenseManagerClient.ts +++ b/clients/client-license-manager/src/LicenseManagerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLicenseManagerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptGrantCommandInput, AcceptGrantCommandOutput } from "./commands/AcceptGrantCommand"; import { CheckInLicenseCommandInput, CheckInLicenseCommandOutput } from "./commands/CheckInLicenseCommand"; import { @@ -393,21 +398,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -446,8 +452,8 @@ export type LicenseManagerClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -466,8 +472,8 @@ export type LicenseManagerClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -499,8 +505,8 @@ export class LicenseManagerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -509,8 +515,14 @@ export class LicenseManagerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -521,4 +533,13 @@ export class LicenseManagerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLicenseManagerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LicenseManagerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-license-manager/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-license-manager/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e6f667ea59a94 --- /dev/null +++ b/clients/client-license-manager/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LicenseManagerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LicenseManagerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LicenseManagerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LicenseManagerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LicenseManagerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-license-manager/src/auth/httpAuthSchemeProvider.ts b/clients/client-license-manager/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4c6f61e440473 --- /dev/null +++ b/clients/client-license-manager/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LicenseManagerClientConfig, LicenseManagerClientResolvedConfig } from "../LicenseManagerClient"; + +/** + * @internal + */ +export interface LicenseManagerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LicenseManagerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LicenseManagerClientResolvedConfig, + HandlerExecutionContext, + LicenseManagerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLicenseManagerHttpAuthSchemeParametersProvider = async ( + config: LicenseManagerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LicenseManagerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "license-manager", + region: authParameters.region, + }, + propertiesExtractor: (config: LicenseManagerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LicenseManagerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLicenseManagerHttpAuthSchemeProvider: LicenseManagerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LicenseManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LicenseManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-license-manager/src/extensionConfiguration.ts b/clients/client-license-manager/src/extensionConfiguration.ts index 626240f4d3bd7..b1f5f74c974d0 100644 --- a/clients/client-license-manager/src/extensionConfiguration.ts +++ b/clients/client-license-manager/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LicenseManagerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-license-manager/src/runtimeConfig.shared.ts b/clients/client-license-manager/src/runtimeConfig.shared.ts index 91d4839bef139..7756a736e407b 100644 --- a/clients/client-license-manager/src/runtimeConfig.shared.ts +++ b/clients/client-license-manager/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLicenseManagerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LicenseManagerClientConfig } from "./LicenseManagerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LicenseManagerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLicenseManagerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "License Manager", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-license-manager/src/runtimeExtensions.ts b/clients/client-license-manager/src/runtimeExtensions.ts index 469aee9850231..c046e05ea365c 100644 --- a/clients/client-license-manager/src/runtimeExtensions.ts +++ b/clients/client-license-manager/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LicenseManagerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lightsail/package.json b/clients/client-lightsail/package.json index 0d11b95fdcfdb..7ae6ae5e1f5e8 100644 --- a/clients/client-lightsail/package.json +++ b/clients/client-lightsail/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-lightsail/src/LightsailClient.ts b/clients/client-lightsail/src/LightsailClient.ts index 5d373eac083e0..b00a40fde0235 100644 --- a/clients/client-lightsail/src/LightsailClient.ts +++ b/clients/client-lightsail/src/LightsailClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLightsailHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AllocateStaticIpCommandInput, AllocateStaticIpCommandOutput } from "./commands/AllocateStaticIpCommand"; import { AttachCertificateToDistributionCommandInput, @@ -873,21 +878,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -926,8 +932,8 @@ export type LightsailClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -946,8 +952,8 @@ export type LightsailClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -991,8 +997,8 @@ export class LightsailClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1001,8 +1007,14 @@ export class LightsailClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1013,4 +1025,13 @@ export class LightsailClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLightsailHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LightsailClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lightsail/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lightsail/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..903b45aef8db8 --- /dev/null +++ b/clients/client-lightsail/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LightsailHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LightsailHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LightsailHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LightsailHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LightsailHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LightsailHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lightsail/src/auth/httpAuthSchemeProvider.ts b/clients/client-lightsail/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dfa23d3c2c7ee --- /dev/null +++ b/clients/client-lightsail/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LightsailClientConfig, LightsailClientResolvedConfig } from "../LightsailClient"; + +/** + * @internal + */ +export interface LightsailHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LightsailHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LightsailClientResolvedConfig, + HandlerExecutionContext, + LightsailHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLightsailHttpAuthSchemeParametersProvider = async ( + config: LightsailClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LightsailHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lightsail", + region: authParameters.region, + }, + propertiesExtractor: (config: LightsailClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LightsailHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLightsailHttpAuthSchemeProvider: LightsailHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LightsailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LightsailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lightsail/src/extensionConfiguration.ts b/clients/client-lightsail/src/extensionConfiguration.ts index 74ebb16a6fb7f..074500c5380c9 100644 --- a/clients/client-lightsail/src/extensionConfiguration.ts +++ b/clients/client-lightsail/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LightsailExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lightsail/src/runtimeConfig.shared.ts b/clients/client-lightsail/src/runtimeConfig.shared.ts index c9b508869c9f6..d11857bfd4a48 100644 --- a/clients/client-lightsail/src/runtimeConfig.shared.ts +++ b/clients/client-lightsail/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLightsailHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LightsailClientConfig } from "./LightsailClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LightsailClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLightsailHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Lightsail", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lightsail/src/runtimeExtensions.ts b/clients/client-lightsail/src/runtimeExtensions.ts index 2b1d33bc85319..a8894832af0c8 100644 --- a/clients/client-lightsail/src/runtimeExtensions.ts +++ b/clients/client-lightsail/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LightsailExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-location/package.json b/clients/client-location/package.json index 5db05097aa487..46d95d17cd9d8 100644 --- a/clients/client-location/package.json +++ b/clients/client-location/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-location/src/LocationClient.ts b/clients/client-location/src/LocationClient.ts index b2eba2a132803..c7686c51feafd 100644 --- a/clients/client-location/src/LocationClient.ts +++ b/clients/client-location/src/LocationClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLocationHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateTrackerConsumerCommandInput, AssociateTrackerConsumerCommandOutput, @@ -408,21 +413,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -461,8 +467,8 @@ export type LocationClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -481,8 +487,8 @@ export type LocationClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -513,8 +519,8 @@ export class LocationClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -523,8 +529,14 @@ export class LocationClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -535,4 +547,13 @@ export class LocationClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLocationHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LocationClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-location/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-location/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7bf9b2d84eb65 --- /dev/null +++ b/clients/client-location/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LocationHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LocationHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LocationHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LocationHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LocationHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LocationHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-location/src/auth/httpAuthSchemeProvider.ts b/clients/client-location/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0fd99d3f25750 --- /dev/null +++ b/clients/client-location/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LocationClientConfig, LocationClientResolvedConfig } from "../LocationClient"; + +/** + * @internal + */ +export interface LocationHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LocationHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LocationClientResolvedConfig, + HandlerExecutionContext, + LocationHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLocationHttpAuthSchemeParametersProvider = async ( + config: LocationClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LocationHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "geo", + region: authParameters.region, + }, + propertiesExtractor: (config: LocationClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LocationHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLocationHttpAuthSchemeProvider: LocationHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LocationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LocationHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-location/src/extensionConfiguration.ts b/clients/client-location/src/extensionConfiguration.ts index a014b88b5cfad..1a6bfb0b5f480 100644 --- a/clients/client-location/src/extensionConfiguration.ts +++ b/clients/client-location/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LocationExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-location/src/runtimeConfig.shared.ts b/clients/client-location/src/runtimeConfig.shared.ts index 681800074926e..9d4930d77ebd4 100644 --- a/clients/client-location/src/runtimeConfig.shared.ts +++ b/clients/client-location/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLocationHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LocationClientConfig } from "./LocationClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LocationClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLocationHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Location", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-location/src/runtimeExtensions.ts b/clients/client-location/src/runtimeExtensions.ts index 79e0b2ccbe435..1a6a224a90858 100644 --- a/clients/client-location/src/runtimeExtensions.ts +++ b/clients/client-location/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LocationExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lookoutequipment/package.json b/clients/client-lookoutequipment/package.json index 0e599a3905db7..2ce226c3a44da 100644 --- a/clients/client-lookoutequipment/package.json +++ b/clients/client-lookoutequipment/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-lookoutequipment/src/LookoutEquipmentClient.ts b/clients/client-lookoutequipment/src/LookoutEquipmentClient.ts index 203e58ef27a67..0983015fafbeb 100644 --- a/clients/client-lookoutequipment/src/LookoutEquipmentClient.ts +++ b/clients/client-lookoutequipment/src/LookoutEquipmentClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLookoutEquipmentHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDatasetCommandInput, CreateDatasetCommandOutput } from "./commands/CreateDatasetCommand"; import { CreateInferenceSchedulerCommandInput, @@ -378,21 +383,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -431,8 +437,8 @@ export type LookoutEquipmentClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -451,8 +457,8 @@ export type LookoutEquipmentClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -484,8 +490,8 @@ export class LookoutEquipmentClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -494,8 +500,14 @@ export class LookoutEquipmentClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -506,4 +518,13 @@ export class LookoutEquipmentClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLookoutEquipmentHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LookoutEquipmentClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lookoutequipment/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lookoutequipment/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8798157230708 --- /dev/null +++ b/clients/client-lookoutequipment/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LookoutEquipmentHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutEquipmentHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LookoutEquipmentHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LookoutEquipmentHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutEquipmentHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LookoutEquipmentHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lookoutequipment/src/auth/httpAuthSchemeProvider.ts b/clients/client-lookoutequipment/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e34d51e928107 --- /dev/null +++ b/clients/client-lookoutequipment/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LookoutEquipmentClientConfig, LookoutEquipmentClientResolvedConfig } from "../LookoutEquipmentClient"; + +/** + * @internal + */ +export interface LookoutEquipmentHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LookoutEquipmentHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LookoutEquipmentClientResolvedConfig, + HandlerExecutionContext, + LookoutEquipmentHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLookoutEquipmentHttpAuthSchemeParametersProvider = async ( + config: LookoutEquipmentClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LookoutEquipmentHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lookoutequipment", + region: authParameters.region, + }, + propertiesExtractor: (config: LookoutEquipmentClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LookoutEquipmentHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLookoutEquipmentHttpAuthSchemeProvider: LookoutEquipmentHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LookoutEquipmentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LookoutEquipmentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lookoutequipment/src/extensionConfiguration.ts b/clients/client-lookoutequipment/src/extensionConfiguration.ts index 867e0e3219e87..af8e5821d62bc 100644 --- a/clients/client-lookoutequipment/src/extensionConfiguration.ts +++ b/clients/client-lookoutequipment/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LookoutEquipmentExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lookoutequipment/src/runtimeConfig.shared.ts b/clients/client-lookoutequipment/src/runtimeConfig.shared.ts index 5ec8b1a384d6d..ec5f71089ee0c 100644 --- a/clients/client-lookoutequipment/src/runtimeConfig.shared.ts +++ b/clients/client-lookoutequipment/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLookoutEquipmentHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LookoutEquipmentClientConfig } from "./LookoutEquipmentClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LookoutEquipmentClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLookoutEquipmentHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "LookoutEquipment", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lookoutequipment/src/runtimeExtensions.ts b/clients/client-lookoutequipment/src/runtimeExtensions.ts index 39acef657f460..d922e635e90c0 100644 --- a/clients/client-lookoutequipment/src/runtimeExtensions.ts +++ b/clients/client-lookoutequipment/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LookoutEquipmentExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lookoutmetrics/package.json b/clients/client-lookoutmetrics/package.json index cff3619c22511..f3e8c7dafffac 100644 --- a/clients/client-lookoutmetrics/package.json +++ b/clients/client-lookoutmetrics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-lookoutmetrics/src/LookoutMetricsClient.ts b/clients/client-lookoutmetrics/src/LookoutMetricsClient.ts index a625356a96652..1b386e3b4312a 100644 --- a/clients/client-lookoutmetrics/src/LookoutMetricsClient.ts +++ b/clients/client-lookoutmetrics/src/LookoutMetricsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLookoutMetricsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivateAnomalyDetectorCommandInput, ActivateAnomalyDetectorCommandOutput, @@ -291,21 +296,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -344,8 +350,8 @@ export type LookoutMetricsClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -364,8 +370,8 @@ export type LookoutMetricsClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -398,8 +404,8 @@ export class LookoutMetricsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -408,8 +414,14 @@ export class LookoutMetricsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -420,4 +432,13 @@ export class LookoutMetricsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLookoutMetricsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LookoutMetricsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lookoutmetrics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lookoutmetrics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..03856f52d40ce --- /dev/null +++ b/clients/client-lookoutmetrics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LookoutMetricsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutMetricsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LookoutMetricsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LookoutMetricsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutMetricsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LookoutMetricsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lookoutmetrics/src/auth/httpAuthSchemeProvider.ts b/clients/client-lookoutmetrics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..471086f8eb7d8 --- /dev/null +++ b/clients/client-lookoutmetrics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LookoutMetricsClientConfig, LookoutMetricsClientResolvedConfig } from "../LookoutMetricsClient"; + +/** + * @internal + */ +export interface LookoutMetricsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LookoutMetricsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LookoutMetricsClientResolvedConfig, + HandlerExecutionContext, + LookoutMetricsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLookoutMetricsHttpAuthSchemeParametersProvider = async ( + config: LookoutMetricsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LookoutMetricsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lookoutmetrics", + region: authParameters.region, + }, + propertiesExtractor: (config: LookoutMetricsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LookoutMetricsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLookoutMetricsHttpAuthSchemeProvider: LookoutMetricsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LookoutMetricsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LookoutMetricsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lookoutmetrics/src/extensionConfiguration.ts b/clients/client-lookoutmetrics/src/extensionConfiguration.ts index 2ee45fe63613d..5c36deb75bac2 100644 --- a/clients/client-lookoutmetrics/src/extensionConfiguration.ts +++ b/clients/client-lookoutmetrics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LookoutMetricsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lookoutmetrics/src/runtimeConfig.shared.ts b/clients/client-lookoutmetrics/src/runtimeConfig.shared.ts index 8efeb36c6ebe0..0fbfd9e2b9d94 100644 --- a/clients/client-lookoutmetrics/src/runtimeConfig.shared.ts +++ b/clients/client-lookoutmetrics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLookoutMetricsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LookoutMetricsClientConfig } from "./LookoutMetricsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LookoutMetricsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLookoutMetricsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "LookoutMetrics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lookoutmetrics/src/runtimeExtensions.ts b/clients/client-lookoutmetrics/src/runtimeExtensions.ts index f31a9fb9eef9d..1c65733f4b84b 100644 --- a/clients/client-lookoutmetrics/src/runtimeExtensions.ts +++ b/clients/client-lookoutmetrics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LookoutMetricsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-lookoutvision/package.json b/clients/client-lookoutvision/package.json index aaeecb40419e0..9d1142086b19f 100644 --- a/clients/client-lookoutvision/package.json +++ b/clients/client-lookoutvision/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-lookoutvision/src/LookoutVisionClient.ts b/clients/client-lookoutvision/src/LookoutVisionClient.ts index 2a1bb974e2c37..508743c40aa91 100644 --- a/clients/client-lookoutvision/src/LookoutVisionClient.ts +++ b/clients/client-lookoutvision/src/LookoutVisionClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultLookoutVisionHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDatasetCommandInput, CreateDatasetCommandOutput } from "./commands/CreateDatasetCommand"; import { CreateModelCommandInput, CreateModelCommandOutput } from "./commands/CreateModelCommand"; import { CreateProjectCommandInput, CreateProjectCommandOutput } from "./commands/CreateProjectCommand"; @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type LookoutVisionClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type LookoutVisionClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -348,8 +354,8 @@ export class LookoutVisionClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -358,8 +364,14 @@ export class LookoutVisionClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -370,4 +382,13 @@ export class LookoutVisionClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultLookoutVisionHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: LookoutVisionClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-lookoutvision/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-lookoutvision/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2bfcec10e9bf4 --- /dev/null +++ b/clients/client-lookoutvision/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { LookoutVisionHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutVisionHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): LookoutVisionHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: LookoutVisionHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: LookoutVisionHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): LookoutVisionHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-lookoutvision/src/auth/httpAuthSchemeProvider.ts b/clients/client-lookoutvision/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..aa4ad32de3876 --- /dev/null +++ b/clients/client-lookoutvision/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { LookoutVisionClientConfig, LookoutVisionClientResolvedConfig } from "../LookoutVisionClient"; + +/** + * @internal + */ +export interface LookoutVisionHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface LookoutVisionHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + LookoutVisionClientResolvedConfig, + HandlerExecutionContext, + LookoutVisionHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultLookoutVisionHttpAuthSchemeParametersProvider = async ( + config: LookoutVisionClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: LookoutVisionHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "lookoutvision", + region: authParameters.region, + }, + propertiesExtractor: (config: LookoutVisionClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface LookoutVisionHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultLookoutVisionHttpAuthSchemeProvider: LookoutVisionHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: LookoutVisionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: LookoutVisionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-lookoutvision/src/extensionConfiguration.ts b/clients/client-lookoutvision/src/extensionConfiguration.ts index 42bc82e1cee39..6407e1e0e5877 100644 --- a/clients/client-lookoutvision/src/extensionConfiguration.ts +++ b/clients/client-lookoutvision/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface LookoutVisionExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-lookoutvision/src/runtimeConfig.shared.ts b/clients/client-lookoutvision/src/runtimeConfig.shared.ts index 9448086727c22..80693f322a52a 100644 --- a/clients/client-lookoutvision/src/runtimeConfig.shared.ts +++ b/clients/client-lookoutvision/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultLookoutVisionHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { LookoutVisionClientConfig } from "./LookoutVisionClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: LookoutVisionClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultLookoutVisionHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "LookoutVision", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-lookoutvision/src/runtimeExtensions.ts b/clients/client-lookoutvision/src/runtimeExtensions.ts index aad7e22367c1f..e0a53b51927a3 100644 --- a/clients/client-lookoutvision/src/runtimeExtensions.ts +++ b/clients/client-lookoutvision/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { LookoutVisionExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-m2/package.json b/clients/client-m2/package.json index ecd7645086ac3..13a92c8c0d5d9 100644 --- a/clients/client-m2/package.json +++ b/clients/client-m2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-m2/src/M2Client.ts b/clients/client-m2/src/M2Client.ts index e41eed9a30389..ef9e35887d899 100644 --- a/clients/client-m2/src/M2Client.ts +++ b/clients/client-m2/src/M2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultM2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelBatchJobExecutionCommandInput, CancelBatchJobExecutionCommandOutput, @@ -291,21 +296,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -344,8 +350,8 @@ export type M2ClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpti EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -364,8 +370,8 @@ export type M2ClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHan EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -400,8 +406,8 @@ export class M2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -410,8 +416,14 @@ export class M2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -422,4 +434,13 @@ export class M2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultM2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: M2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-m2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-m2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c0e449d2006f9 --- /dev/null +++ b/clients/client-m2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { M2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: M2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): M2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: M2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: M2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): M2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-m2/src/auth/httpAuthSchemeProvider.ts b/clients/client-m2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1fb24941f2ba7 --- /dev/null +++ b/clients/client-m2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { M2ClientConfig, M2ClientResolvedConfig } from "../M2Client"; + +/** + * @internal + */ +export interface M2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface M2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + M2ClientResolvedConfig, + HandlerExecutionContext, + M2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultM2HttpAuthSchemeParametersProvider = async ( + config: M2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: M2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "m2", + region: authParameters.region, + }, + propertiesExtractor: (config: M2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface M2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultM2HttpAuthSchemeProvider: M2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: M2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: M2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-m2/src/extensionConfiguration.ts b/clients/client-m2/src/extensionConfiguration.ts index 4941e1b97c7d4..55512219804ca 100644 --- a/clients/client-m2/src/extensionConfiguration.ts +++ b/clients/client-m2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface M2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-m2/src/runtimeConfig.shared.ts b/clients/client-m2/src/runtimeConfig.shared.ts index d7cc4b5e7c96b..20d8affbedcb6 100644 --- a/clients/client-m2/src/runtimeConfig.shared.ts +++ b/clients/client-m2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultM2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { M2ClientConfig } from "./M2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: M2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultM2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "m2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-m2/src/runtimeExtensions.ts b/clients/client-m2/src/runtimeExtensions.ts index cc982d165328c..cd9db5f1e26e4 100644 --- a/clients/client-m2/src/runtimeExtensions.ts +++ b/clients/client-m2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { M2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-machine-learning/package.json b/clients/client-machine-learning/package.json index 7093705218fc9..65de6e05bf610 100644 --- a/clients/client-machine-learning/package.json +++ b/clients/client-machine-learning/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-macie2/package.json b/clients/client-macie2/package.json index 7af7173d83f98..445e7101200d0 100644 --- a/clients/client-macie2/package.json +++ b/clients/client-macie2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-macie2/src/Macie2Client.ts b/clients/client-macie2/src/Macie2Client.ts index 93b0860dbca54..a5123b8553aa1 100644 --- a/clients/client-macie2/src/Macie2Client.ts +++ b/clients/client-macie2/src/Macie2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMacie2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptInvitationCommandInput, AcceptInvitationCommandOutput } from "./commands/AcceptInvitationCommand"; import { BatchGetCustomDataIdentifiersCommandInput, @@ -540,21 +545,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -593,8 +599,8 @@ export type Macie2ClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -613,8 +619,8 @@ export type Macie2ClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -645,8 +651,8 @@ export class Macie2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -655,8 +661,14 @@ export class Macie2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -667,4 +679,13 @@ export class Macie2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMacie2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Macie2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-macie2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-macie2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8955059f038e0 --- /dev/null +++ b/clients/client-macie2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Macie2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Macie2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Macie2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Macie2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Macie2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Macie2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-macie2/src/auth/httpAuthSchemeProvider.ts b/clients/client-macie2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..708b1780f6561 --- /dev/null +++ b/clients/client-macie2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { Macie2ClientConfig, Macie2ClientResolvedConfig } from "../Macie2Client"; + +/** + * @internal + */ +export interface Macie2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Macie2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Macie2ClientResolvedConfig, + HandlerExecutionContext, + Macie2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMacie2HttpAuthSchemeParametersProvider = async ( + config: Macie2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: Macie2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "macie2", + region: authParameters.region, + }, + propertiesExtractor: (config: Macie2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Macie2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMacie2HttpAuthSchemeProvider: Macie2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Macie2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Macie2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-macie2/src/extensionConfiguration.ts b/clients/client-macie2/src/extensionConfiguration.ts index e12afce2435d8..4477ab24da84f 100644 --- a/clients/client-macie2/src/extensionConfiguration.ts +++ b/clients/client-macie2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Macie2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-macie2/src/runtimeConfig.shared.ts b/clients/client-macie2/src/runtimeConfig.shared.ts index b84886ba2d0a4..507d3bf7ab4eb 100644 --- a/clients/client-macie2/src/runtimeConfig.shared.ts +++ b/clients/client-macie2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMacie2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Macie2ClientConfig } from "./Macie2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Macie2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMacie2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Macie2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-macie2/src/runtimeExtensions.ts b/clients/client-macie2/src/runtimeExtensions.ts index 13336abe16fd3..65dac6f590f98 100644 --- a/clients/client-macie2/src/runtimeExtensions.ts +++ b/clients/client-macie2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Macie2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-managedblockchain-query/package.json b/clients/client-managedblockchain-query/package.json index 4dcc959fdda59..61241ac49a3ec 100644 --- a/clients/client-managedblockchain-query/package.json +++ b/clients/client-managedblockchain-query/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-managedblockchain-query/src/ManagedBlockchainQueryClient.ts b/clients/client-managedblockchain-query/src/ManagedBlockchainQueryClient.ts index 0bd6ab81259eb..879ff16dcc502 100644 --- a/clients/client-managedblockchain-query/src/ManagedBlockchainQueryClient.ts +++ b/clients/client-managedblockchain-query/src/ManagedBlockchainQueryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultManagedBlockchainQueryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetTokenBalanceCommandInput, BatchGetTokenBalanceCommandOutput, @@ -186,21 +191,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -239,8 +245,8 @@ export type ManagedBlockchainQueryClientConfigType = Partial<__SmithyConfigurati EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -259,8 +265,8 @@ export type ManagedBlockchainQueryClientResolvedConfigType = __SmithyResolvedCon EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -297,8 +303,8 @@ export class ManagedBlockchainQueryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -307,8 +313,14 @@ export class ManagedBlockchainQueryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -319,4 +331,13 @@ export class ManagedBlockchainQueryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultManagedBlockchainQueryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ManagedBlockchainQueryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-managedblockchain-query/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-managedblockchain-query/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cb14d61dd2053 --- /dev/null +++ b/clients/client-managedblockchain-query/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ManagedBlockchainQueryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ManagedBlockchainQueryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ManagedBlockchainQueryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ManagedBlockchainQueryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ManagedBlockchainQueryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ManagedBlockchainQueryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-managedblockchain-query/src/auth/httpAuthSchemeProvider.ts b/clients/client-managedblockchain-query/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d66d51017ba02 --- /dev/null +++ b/clients/client-managedblockchain-query/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ManagedBlockchainQueryClientConfig, + ManagedBlockchainQueryClientResolvedConfig, +} from "../ManagedBlockchainQueryClient"; + +/** + * @internal + */ +export interface ManagedBlockchainQueryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ManagedBlockchainQueryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ManagedBlockchainQueryClientResolvedConfig, + HandlerExecutionContext, + ManagedBlockchainQueryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultManagedBlockchainQueryHttpAuthSchemeParametersProvider = async ( + config: ManagedBlockchainQueryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ManagedBlockchainQueryHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "managedblockchain-query", + region: authParameters.region, + }, + propertiesExtractor: (config: ManagedBlockchainQueryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ManagedBlockchainQueryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultManagedBlockchainQueryHttpAuthSchemeProvider: ManagedBlockchainQueryHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ManagedBlockchainQueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ManagedBlockchainQueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-managedblockchain-query/src/extensionConfiguration.ts b/clients/client-managedblockchain-query/src/extensionConfiguration.ts index 8a60f7574b1d6..6c7924830e288 100644 --- a/clients/client-managedblockchain-query/src/extensionConfiguration.ts +++ b/clients/client-managedblockchain-query/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ManagedBlockchainQueryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-managedblockchain-query/src/runtimeConfig.shared.ts b/clients/client-managedblockchain-query/src/runtimeConfig.shared.ts index e22e466282c14..af33ecf2c210d 100644 --- a/clients/client-managedblockchain-query/src/runtimeConfig.shared.ts +++ b/clients/client-managedblockchain-query/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultManagedBlockchainQueryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ManagedBlockchainQueryClientConfig } from "./ManagedBlockchainQueryClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ManagedBlockchainQueryClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultManagedBlockchainQueryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ManagedBlockchain Query", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-managedblockchain-query/src/runtimeExtensions.ts b/clients/client-managedblockchain-query/src/runtimeExtensions.ts index 332f95880fba6..b868ae7cde0e1 100644 --- a/clients/client-managedblockchain-query/src/runtimeExtensions.ts +++ b/clients/client-managedblockchain-query/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ManagedBlockchainQueryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-managedblockchain/package.json b/clients/client-managedblockchain/package.json index dc8e36f613cab..c24e0a113803b 100644 --- a/clients/client-managedblockchain/package.json +++ b/clients/client-managedblockchain/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-managedblockchain/src/ManagedBlockchainClient.ts b/clients/client-managedblockchain/src/ManagedBlockchainClient.ts index d338f169bc37c..f4f9600da121f 100644 --- a/clients/client-managedblockchain/src/ManagedBlockchainClient.ts +++ b/clients/client-managedblockchain/src/ManagedBlockchainClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultManagedBlockchainHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAccessorCommandInput, CreateAccessorCommandOutput } from "./commands/CreateAccessorCommand"; import { CreateMemberCommandInput, CreateMemberCommandOutput } from "./commands/CreateMemberCommand"; import { CreateNetworkCommandInput, CreateNetworkCommandOutput } from "./commands/CreateNetworkCommand"; @@ -240,21 +245,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -293,8 +299,8 @@ export type ManagedBlockchainClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -313,8 +319,8 @@ export type ManagedBlockchainClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -348,8 +354,8 @@ export class ManagedBlockchainClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -358,8 +364,14 @@ export class ManagedBlockchainClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -370,4 +382,13 @@ export class ManagedBlockchainClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultManagedBlockchainHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ManagedBlockchainClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-managedblockchain/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-managedblockchain/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7f2296cc1a896 --- /dev/null +++ b/clients/client-managedblockchain/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ManagedBlockchainHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ManagedBlockchainHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ManagedBlockchainHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ManagedBlockchainHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ManagedBlockchainHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ManagedBlockchainHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-managedblockchain/src/auth/httpAuthSchemeProvider.ts b/clients/client-managedblockchain/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..cd19623c03817 --- /dev/null +++ b/clients/client-managedblockchain/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ManagedBlockchainClientConfig, ManagedBlockchainClientResolvedConfig } from "../ManagedBlockchainClient"; + +/** + * @internal + */ +export interface ManagedBlockchainHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ManagedBlockchainHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ManagedBlockchainClientResolvedConfig, + HandlerExecutionContext, + ManagedBlockchainHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultManagedBlockchainHttpAuthSchemeParametersProvider = async ( + config: ManagedBlockchainClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ManagedBlockchainHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "managedblockchain", + region: authParameters.region, + }, + propertiesExtractor: (config: ManagedBlockchainClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ManagedBlockchainHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultManagedBlockchainHttpAuthSchemeProvider: ManagedBlockchainHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ManagedBlockchainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ManagedBlockchainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-managedblockchain/src/extensionConfiguration.ts b/clients/client-managedblockchain/src/extensionConfiguration.ts index 931d8ab76e223..8d84c5b1d904c 100644 --- a/clients/client-managedblockchain/src/extensionConfiguration.ts +++ b/clients/client-managedblockchain/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ManagedBlockchainExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-managedblockchain/src/runtimeConfig.shared.ts b/clients/client-managedblockchain/src/runtimeConfig.shared.ts index 3c3b2a407878c..1641558a95ddc 100644 --- a/clients/client-managedblockchain/src/runtimeConfig.shared.ts +++ b/clients/client-managedblockchain/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultManagedBlockchainHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ManagedBlockchainClientConfig } from "./ManagedBlockchainClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ManagedBlockchainClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultManagedBlockchainHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ManagedBlockchain", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-managedblockchain/src/runtimeExtensions.ts b/clients/client-managedblockchain/src/runtimeExtensions.ts index 61fe3d674d273..da9d250fe8ad9 100644 --- a/clients/client-managedblockchain/src/runtimeExtensions.ts +++ b/clients/client-managedblockchain/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ManagedBlockchainExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-agreement/package.json b/clients/client-marketplace-agreement/package.json index 1e4720942f8b4..5a40d2e9b478c 100644 --- a/clients/client-marketplace-agreement/package.json +++ b/clients/client-marketplace-agreement/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-marketplace-agreement/src/MarketplaceAgreementClient.ts b/clients/client-marketplace-agreement/src/MarketplaceAgreementClient.ts index 7df8ab00c99e1..7ebcfa8c4113c 100644 --- a/clients/client-marketplace-agreement/src/MarketplaceAgreementClient.ts +++ b/clients/client-marketplace-agreement/src/MarketplaceAgreementClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceAgreementHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeAgreementCommandInput, DescribeAgreementCommandOutput } from "./commands/DescribeAgreementCommand"; import { GetAgreementTermsCommandInput, GetAgreementTermsCommandOutput } from "./commands/GetAgreementTermsCommand"; import { SearchAgreementsCommandInput, SearchAgreementsCommandOutput } from "./commands/SearchAgreementsCommand"; @@ -165,21 +170,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -218,8 +224,8 @@ export type MarketplaceAgreementClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -238,8 +244,8 @@ export type MarketplaceAgreementClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -290,8 +296,8 @@ export class MarketplaceAgreementClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -300,8 +306,14 @@ export class MarketplaceAgreementClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -312,4 +324,13 @@ export class MarketplaceAgreementClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceAgreementHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceAgreementClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-agreement/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-agreement/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c46d919f09b3f --- /dev/null +++ b/clients/client-marketplace-agreement/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceAgreementHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceAgreementHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceAgreementHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceAgreementHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceAgreementHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceAgreementHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-agreement/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-agreement/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d9cd9c9935b59 --- /dev/null +++ b/clients/client-marketplace-agreement/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MarketplaceAgreementClientConfig, + MarketplaceAgreementClientResolvedConfig, +} from "../MarketplaceAgreementClient"; + +/** + * @internal + */ +export interface MarketplaceAgreementHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceAgreementHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceAgreementClientResolvedConfig, + HandlerExecutionContext, + MarketplaceAgreementHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceAgreementHttpAuthSchemeParametersProvider = async ( + config: MarketplaceAgreementClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MarketplaceAgreementHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aws-marketplace", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceAgreementClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceAgreementHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceAgreementHttpAuthSchemeProvider: MarketplaceAgreementHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceAgreementHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceAgreementHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-agreement/src/extensionConfiguration.ts b/clients/client-marketplace-agreement/src/extensionConfiguration.ts index 526c437abf181..ac9516c4e229d 100644 --- a/clients/client-marketplace-agreement/src/extensionConfiguration.ts +++ b/clients/client-marketplace-agreement/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceAgreementExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-agreement/src/runtimeConfig.shared.ts b/clients/client-marketplace-agreement/src/runtimeConfig.shared.ts index 04d68a3e1b35c..d355877fd605c 100644 --- a/clients/client-marketplace-agreement/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-agreement/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceAgreementHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceAgreementClientConfig } from "./MarketplaceAgreementClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MarketplaceAgreementClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMarketplaceAgreementHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Agreement", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-agreement/src/runtimeExtensions.ts b/clients/client-marketplace-agreement/src/runtimeExtensions.ts index 5a97fbd398e67..4107335404ff3 100644 --- a/clients/client-marketplace-agreement/src/runtimeExtensions.ts +++ b/clients/client-marketplace-agreement/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceAgreementExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-catalog/package.json b/clients/client-marketplace-catalog/package.json index d3c2aad77d1d0..3fa0390fbdd81 100644 --- a/clients/client-marketplace-catalog/package.json +++ b/clients/client-marketplace-catalog/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-marketplace-catalog/src/MarketplaceCatalogClient.ts b/clients/client-marketplace-catalog/src/MarketplaceCatalogClient.ts index dbaec1d6a043a..e43da9548405c 100644 --- a/clients/client-marketplace-catalog/src/MarketplaceCatalogClient.ts +++ b/clients/client-marketplace-catalog/src/MarketplaceCatalogClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceCatalogHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDescribeEntitiesCommandInput, BatchDescribeEntitiesCommandOutput, @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type MarketplaceCatalogClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type MarketplaceCatalogClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -314,8 +320,8 @@ export class MarketplaceCatalogClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -324,8 +330,14 @@ export class MarketplaceCatalogClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -336,4 +348,13 @@ export class MarketplaceCatalogClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceCatalogHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceCatalogClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-catalog/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-catalog/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c844017e22f66 --- /dev/null +++ b/clients/client-marketplace-catalog/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceCatalogHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceCatalogHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceCatalogHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceCatalogHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceCatalogHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceCatalogHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-catalog/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-catalog/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4d4255433a19e --- /dev/null +++ b/clients/client-marketplace-catalog/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MarketplaceCatalogClientConfig, MarketplaceCatalogClientResolvedConfig } from "../MarketplaceCatalogClient"; + +/** + * @internal + */ +export interface MarketplaceCatalogHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceCatalogHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceCatalogClientResolvedConfig, + HandlerExecutionContext, + MarketplaceCatalogHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceCatalogHttpAuthSchemeParametersProvider = async ( + config: MarketplaceCatalogClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MarketplaceCatalogHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aws-marketplace", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceCatalogClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceCatalogHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceCatalogHttpAuthSchemeProvider: MarketplaceCatalogHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceCatalogHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceCatalogHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-catalog/src/extensionConfiguration.ts b/clients/client-marketplace-catalog/src/extensionConfiguration.ts index ba4e3dba516ad..5ae6f25f0ea4d 100644 --- a/clients/client-marketplace-catalog/src/extensionConfiguration.ts +++ b/clients/client-marketplace-catalog/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceCatalogExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-catalog/src/runtimeConfig.shared.ts b/clients/client-marketplace-catalog/src/runtimeConfig.shared.ts index 4aec83673493b..e28bfceb401f8 100644 --- a/clients/client-marketplace-catalog/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-catalog/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceCatalogHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceCatalogClientConfig } from "./MarketplaceCatalogClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MarketplaceCatalogClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMarketplaceCatalogHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Catalog", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-catalog/src/runtimeExtensions.ts b/clients/client-marketplace-catalog/src/runtimeExtensions.ts index 554975af4e311..75ee064867a6d 100644 --- a/clients/client-marketplace-catalog/src/runtimeExtensions.ts +++ b/clients/client-marketplace-catalog/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceCatalogExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-commerce-analytics/package.json b/clients/client-marketplace-commerce-analytics/package.json index 6e80eb3f8e96b..f5c3fa4cd6dae 100644 --- a/clients/client-marketplace-commerce-analytics/package.json +++ b/clients/client-marketplace-commerce-analytics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-marketplace-commerce-analytics/src/MarketplaceCommerceAnalyticsClient.ts b/clients/client-marketplace-commerce-analytics/src/MarketplaceCommerceAnalyticsClient.ts index aaed9fa16b608..4384a02c5a0d9 100644 --- a/clients/client-marketplace-commerce-analytics/src/MarketplaceCommerceAnalyticsClient.ts +++ b/clients/client-marketplace-commerce-analytics/src/MarketplaceCommerceAnalyticsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceCommerceAnalyticsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GenerateDataSetCommandInput, GenerateDataSetCommandOutput } from "./commands/GenerateDataSetCommand"; import { StartSupportDataExportCommandInput, @@ -161,21 +166,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -214,8 +220,8 @@ export type MarketplaceCommerceAnalyticsClientConfigType = Partial<__SmithyConfi EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -234,8 +240,8 @@ export type MarketplaceCommerceAnalyticsClientResolvedConfigType = __SmithyResol EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -267,8 +273,8 @@ export class MarketplaceCommerceAnalyticsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -277,8 +283,14 @@ export class MarketplaceCommerceAnalyticsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -289,4 +301,13 @@ export class MarketplaceCommerceAnalyticsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceCommerceAnalyticsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceCommerceAnalyticsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-commerce-analytics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-commerce-analytics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fa4cd7dba17bb --- /dev/null +++ b/clients/client-marketplace-commerce-analytics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceCommerceAnalyticsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceCommerceAnalyticsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceCommerceAnalyticsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-commerce-analytics/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-commerce-analytics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..40aaf174d3030 --- /dev/null +++ b/clients/client-marketplace-commerce-analytics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MarketplaceCommerceAnalyticsClientConfig, + MarketplaceCommerceAnalyticsClientResolvedConfig, +} from "../MarketplaceCommerceAnalyticsClient"; + +/** + * @internal + */ +export interface MarketplaceCommerceAnalyticsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceCommerceAnalyticsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceCommerceAnalyticsClientResolvedConfig, + HandlerExecutionContext, + MarketplaceCommerceAnalyticsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceCommerceAnalyticsHttpAuthSchemeParametersProvider = async ( + config: MarketplaceCommerceAnalyticsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MarketplaceCommerceAnalyticsHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "marketplacecommerceanalytics", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceCommerceAnalyticsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceCommerceAnalyticsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceCommerceAnalyticsHttpAuthSchemeProvider: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceCommerceAnalyticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-commerce-analytics/src/extensionConfiguration.ts b/clients/client-marketplace-commerce-analytics/src/extensionConfiguration.ts index 78f6eed735e02..0414b67d9ab62 100644 --- a/clients/client-marketplace-commerce-analytics/src/extensionConfiguration.ts +++ b/clients/client-marketplace-commerce-analytics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceCommerceAnalyticsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-commerce-analytics/src/runtimeConfig.shared.ts b/clients/client-marketplace-commerce-analytics/src/runtimeConfig.shared.ts index 9f63a7991665a..f0c874e815ff7 100644 --- a/clients/client-marketplace-commerce-analytics/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-commerce-analytics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceCommerceAnalyticsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceCommerceAnalyticsClientConfig } from "./MarketplaceCommerceAnalyticsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MarketplaceCommerceAnalyticsClientConfi disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMarketplaceCommerceAnalyticsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Commerce Analytics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-commerce-analytics/src/runtimeExtensions.ts b/clients/client-marketplace-commerce-analytics/src/runtimeExtensions.ts index 3e2e652392833..9dcf5ff785ee6 100644 --- a/clients/client-marketplace-commerce-analytics/src/runtimeExtensions.ts +++ b/clients/client-marketplace-commerce-analytics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceCommerceAnalyticsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-deployment/package.json b/clients/client-marketplace-deployment/package.json index 8133957425335..a40278730c9ed 100644 --- a/clients/client-marketplace-deployment/package.json +++ b/clients/client-marketplace-deployment/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-marketplace-deployment/src/MarketplaceDeploymentClient.ts b/clients/client-marketplace-deployment/src/MarketplaceDeploymentClient.ts index ee0b9f0ccd8c8..6db747ff42be2 100644 --- a/clients/client-marketplace-deployment/src/MarketplaceDeploymentClient.ts +++ b/clients/client-marketplace-deployment/src/MarketplaceDeploymentClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceDeploymentHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ListTagsForResourceCommandInput, ListTagsForResourceCommandOutput, @@ -174,21 +179,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -227,8 +233,8 @@ export type MarketplaceDeploymentClientConfigType = Partial<__SmithyConfiguratio EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -247,8 +253,8 @@ export type MarketplaceDeploymentClientResolvedConfigType = __SmithyResolvedConf EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -279,8 +285,8 @@ export class MarketplaceDeploymentClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -289,8 +295,14 @@ export class MarketplaceDeploymentClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -301,4 +313,13 @@ export class MarketplaceDeploymentClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceDeploymentHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceDeploymentClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-deployment/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-deployment/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6907dccdbeb76 --- /dev/null +++ b/clients/client-marketplace-deployment/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceDeploymentHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceDeploymentHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceDeploymentHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceDeploymentHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceDeploymentHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceDeploymentHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-deployment/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-deployment/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e8e88b5f48c6c --- /dev/null +++ b/clients/client-marketplace-deployment/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MarketplaceDeploymentClientConfig, + MarketplaceDeploymentClientResolvedConfig, +} from "../MarketplaceDeploymentClient"; + +/** + * @internal + */ +export interface MarketplaceDeploymentHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceDeploymentHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceDeploymentClientResolvedConfig, + HandlerExecutionContext, + MarketplaceDeploymentHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceDeploymentHttpAuthSchemeParametersProvider = async ( + config: MarketplaceDeploymentClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MarketplaceDeploymentHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aws-marketplace", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceDeploymentClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceDeploymentHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceDeploymentHttpAuthSchemeProvider: MarketplaceDeploymentHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceDeploymentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceDeploymentHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-deployment/src/extensionConfiguration.ts b/clients/client-marketplace-deployment/src/extensionConfiguration.ts index 82c02dd65807d..bcb9a2bec32ee 100644 --- a/clients/client-marketplace-deployment/src/extensionConfiguration.ts +++ b/clients/client-marketplace-deployment/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceDeploymentExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-deployment/src/runtimeConfig.shared.ts b/clients/client-marketplace-deployment/src/runtimeConfig.shared.ts index de73a10bc8db3..e1a7d886d37d9 100644 --- a/clients/client-marketplace-deployment/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-deployment/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceDeploymentHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceDeploymentClientConfig } from "./MarketplaceDeploymentClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MarketplaceDeploymentClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMarketplaceDeploymentHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Deployment", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-deployment/src/runtimeExtensions.ts b/clients/client-marketplace-deployment/src/runtimeExtensions.ts index 33878eb4d8726..5c7a83c364ac7 100644 --- a/clients/client-marketplace-deployment/src/runtimeExtensions.ts +++ b/clients/client-marketplace-deployment/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceDeploymentExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-entitlement-service/package.json b/clients/client-marketplace-entitlement-service/package.json index 94aa4d3bcff24..3c0cd9d088a56 100644 --- a/clients/client-marketplace-entitlement-service/package.json +++ b/clients/client-marketplace-entitlement-service/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-marketplace-entitlement-service/src/MarketplaceEntitlementServiceClient.ts b/clients/client-marketplace-entitlement-service/src/MarketplaceEntitlementServiceClient.ts index fa1ad847a5625..8c0b3279872ca 100644 --- a/clients/client-marketplace-entitlement-service/src/MarketplaceEntitlementServiceClient.ts +++ b/clients/client-marketplace-entitlement-service/src/MarketplaceEntitlementServiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceEntitlementServiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetEntitlementsCommandInput, GetEntitlementsCommandOutput } from "./commands/GetEntitlementsCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type MarketplaceEntitlementServiceClientConfigType = Partial<__SmithyConf EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -231,8 +237,8 @@ export type MarketplaceEntitlementServiceClientResolvedConfigType = EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export class MarketplaceEntitlementServiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -290,8 +296,14 @@ export class MarketplaceEntitlementServiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -302,4 +314,13 @@ export class MarketplaceEntitlementServiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceEntitlementServiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceEntitlementServiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-entitlement-service/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-entitlement-service/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..35417e44391af --- /dev/null +++ b/clients/client-marketplace-entitlement-service/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceEntitlementServiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceEntitlementServiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceEntitlementServiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceEntitlementServiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceEntitlementServiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceEntitlementServiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-entitlement-service/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-entitlement-service/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..74be550ed9f57 --- /dev/null +++ b/clients/client-marketplace-entitlement-service/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MarketplaceEntitlementServiceClientConfig, + MarketplaceEntitlementServiceClientResolvedConfig, +} from "../MarketplaceEntitlementServiceClient"; + +/** + * @internal + */ +export interface MarketplaceEntitlementServiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceEntitlementServiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceEntitlementServiceClientResolvedConfig, + HandlerExecutionContext, + MarketplaceEntitlementServiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceEntitlementServiceHttpAuthSchemeParametersProvider = async ( + config: MarketplaceEntitlementServiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MarketplaceEntitlementServiceHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aws-marketplace", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceEntitlementServiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceEntitlementServiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceEntitlementServiceHttpAuthSchemeProvider: MarketplaceEntitlementServiceHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceEntitlementServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceEntitlementServiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-entitlement-service/src/extensionConfiguration.ts b/clients/client-marketplace-entitlement-service/src/extensionConfiguration.ts index d3809ad8bb1fe..54babb48b223b 100644 --- a/clients/client-marketplace-entitlement-service/src/extensionConfiguration.ts +++ b/clients/client-marketplace-entitlement-service/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceEntitlementServiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-entitlement-service/src/runtimeConfig.shared.ts b/clients/client-marketplace-entitlement-service/src/runtimeConfig.shared.ts index f6ecb5668d849..5a3234da15817 100644 --- a/clients/client-marketplace-entitlement-service/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-entitlement-service/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceEntitlementServiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceEntitlementServiceClientConfig } from "./MarketplaceEntitlementServiceClient"; @@ -18,6 +21,15 @@ export const getRuntimeConfig = (config: MarketplaceEntitlementServiceClientConf disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: + config?.httpAuthSchemeProvider ?? defaultMarketplaceEntitlementServiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Entitlement Service", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-entitlement-service/src/runtimeExtensions.ts b/clients/client-marketplace-entitlement-service/src/runtimeExtensions.ts index d3c2bb8a1fa3a..0f8165b8fd899 100644 --- a/clients/client-marketplace-entitlement-service/src/runtimeExtensions.ts +++ b/clients/client-marketplace-entitlement-service/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceEntitlementServiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-marketplace-metering/package.json b/clients/client-marketplace-metering/package.json index a233d251a58cb..71eb31f2f5b2e 100644 --- a/clients/client-marketplace-metering/package.json +++ b/clients/client-marketplace-metering/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-marketplace-metering/src/MarketplaceMeteringClient.ts b/clients/client-marketplace-metering/src/MarketplaceMeteringClient.ts index c320b17e716be..7d7b3801265e0 100644 --- a/clients/client-marketplace-metering/src/MarketplaceMeteringClient.ts +++ b/clients/client-marketplace-metering/src/MarketplaceMeteringClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMarketplaceMeteringHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchMeterUsageCommandInput, BatchMeterUsageCommandOutput } from "./commands/BatchMeterUsageCommand"; import { MeterUsageCommandInput, MeterUsageCommandOutput } from "./commands/MeterUsageCommand"; import { RegisterUsageCommandInput, RegisterUsageCommandOutput } from "./commands/RegisterUsageCommand"; @@ -168,21 +173,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -221,8 +227,8 @@ export type MarketplaceMeteringClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -241,8 +247,8 @@ export type MarketplaceMeteringClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -335,8 +341,8 @@ export class MarketplaceMeteringClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -345,8 +351,14 @@ export class MarketplaceMeteringClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -357,4 +369,13 @@ export class MarketplaceMeteringClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMarketplaceMeteringHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MarketplaceMeteringClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-marketplace-metering/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-marketplace-metering/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0026b278a45e7 --- /dev/null +++ b/clients/client-marketplace-metering/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MarketplaceMeteringHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceMeteringHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MarketplaceMeteringHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MarketplaceMeteringHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MarketplaceMeteringHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MarketplaceMeteringHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-marketplace-metering/src/auth/httpAuthSchemeProvider.ts b/clients/client-marketplace-metering/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8201b62791592 --- /dev/null +++ b/clients/client-marketplace-metering/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MarketplaceMeteringClientConfig, MarketplaceMeteringClientResolvedConfig } from "../MarketplaceMeteringClient"; + +/** + * @internal + */ +export interface MarketplaceMeteringHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MarketplaceMeteringHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MarketplaceMeteringClientResolvedConfig, + HandlerExecutionContext, + MarketplaceMeteringHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMarketplaceMeteringHttpAuthSchemeParametersProvider = async ( + config: MarketplaceMeteringClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MarketplaceMeteringHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aws-marketplace", + region: authParameters.region, + }, + propertiesExtractor: (config: MarketplaceMeteringClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MarketplaceMeteringHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMarketplaceMeteringHttpAuthSchemeProvider: MarketplaceMeteringHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MarketplaceMeteringHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MarketplaceMeteringHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-marketplace-metering/src/extensionConfiguration.ts b/clients/client-marketplace-metering/src/extensionConfiguration.ts index a9654cdfb8667..8b247c3193f34 100644 --- a/clients/client-marketplace-metering/src/extensionConfiguration.ts +++ b/clients/client-marketplace-metering/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MarketplaceMeteringExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-marketplace-metering/src/runtimeConfig.shared.ts b/clients/client-marketplace-metering/src/runtimeConfig.shared.ts index 958dd07656cbd..aa91eda72997e 100644 --- a/clients/client-marketplace-metering/src/runtimeConfig.shared.ts +++ b/clients/client-marketplace-metering/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMarketplaceMeteringHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MarketplaceMeteringClientConfig } from "./MarketplaceMeteringClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MarketplaceMeteringClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMarketplaceMeteringHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Marketplace Metering", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-marketplace-metering/src/runtimeExtensions.ts b/clients/client-marketplace-metering/src/runtimeExtensions.ts index 7970583936d27..8a67ccfb54498 100644 --- a/clients/client-marketplace-metering/src/runtimeExtensions.ts +++ b/clients/client-marketplace-metering/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MarketplaceMeteringExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediaconnect/package.json b/clients/client-mediaconnect/package.json index 9c8fabc5bafea..97de890c226ee 100644 --- a/clients/client-mediaconnect/package.json +++ b/clients/client-mediaconnect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-mediaconnect/src/MediaConnectClient.ts b/clients/client-mediaconnect/src/MediaConnectClient.ts index 6303a6bbb0d3b..06838f8ae4bf0 100644 --- a/clients/client-mediaconnect/src/MediaConnectClient.ts +++ b/clients/client-mediaconnect/src/MediaConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddBridgeOutputsCommandInput, AddBridgeOutputsCommandOutput } from "./commands/AddBridgeOutputsCommand"; import { AddBridgeSourcesCommandInput, AddBridgeSourcesCommandOutput } from "./commands/AddBridgeSourcesCommand"; import { @@ -354,21 +359,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -407,8 +413,8 @@ export type MediaConnectClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export type MediaConnectClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -459,8 +465,8 @@ export class MediaConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -469,8 +475,14 @@ export class MediaConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -481,4 +493,13 @@ export class MediaConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediaconnect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediaconnect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e15858e532ea6 --- /dev/null +++ b/clients/client-mediaconnect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediaconnect/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediaconnect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..06b721893a143 --- /dev/null +++ b/clients/client-mediaconnect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaConnectClientConfig, MediaConnectClientResolvedConfig } from "../MediaConnectClient"; + +/** + * @internal + */ +export interface MediaConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaConnectClientResolvedConfig, + HandlerExecutionContext, + MediaConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaConnectHttpAuthSchemeParametersProvider = async ( + config: MediaConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediaconnect", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaConnectHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaConnectHttpAuthSchemeProvider: MediaConnectHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediaconnect/src/extensionConfiguration.ts b/clients/client-mediaconnect/src/extensionConfiguration.ts index 566f92b36f8fc..5f8626ace8f70 100644 --- a/clients/client-mediaconnect/src/extensionConfiguration.ts +++ b/clients/client-mediaconnect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediaconnect/src/runtimeConfig.shared.ts b/clients/client-mediaconnect/src/runtimeConfig.shared.ts index 80c15d17d2a4f..a80354eafa578 100644 --- a/clients/client-mediaconnect/src/runtimeConfig.shared.ts +++ b/clients/client-mediaconnect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaConnectClientConfig } from "./MediaConnectClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaConnect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediaconnect/src/runtimeExtensions.ts b/clients/client-mediaconnect/src/runtimeExtensions.ts index b64cbaac6219d..1a11228c4421c 100644 --- a/clients/client-mediaconnect/src/runtimeExtensions.ts +++ b/clients/client-mediaconnect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediaconvert/package.json b/clients/client-mediaconvert/package.json index 7615352e2011c..7adab708643ad 100644 --- a/clients/client-mediaconvert/package.json +++ b/clients/client-mediaconvert/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-mediaconvert/src/MediaConvertClient.ts b/clients/client-mediaconvert/src/MediaConvertClient.ts index b9a0ab50ec080..585b146ea7695 100644 --- a/clients/client-mediaconvert/src/MediaConvertClient.ts +++ b/clients/client-mediaconvert/src/MediaConvertClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaConvertHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateCertificateCommandInput, AssociateCertificateCommandOutput, @@ -249,21 +254,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -302,8 +308,8 @@ export type MediaConvertClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export type MediaConvertClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -354,8 +360,8 @@ export class MediaConvertClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -364,8 +370,14 @@ export class MediaConvertClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -376,4 +388,13 @@ export class MediaConvertClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaConvertHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaConvertClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediaconvert/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediaconvert/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..173f6833dd22b --- /dev/null +++ b/clients/client-mediaconvert/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaConvertHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaConvertHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaConvertHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaConvertHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaConvertHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaConvertHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediaconvert/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediaconvert/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c89b24f614a14 --- /dev/null +++ b/clients/client-mediaconvert/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaConvertClientConfig, MediaConvertClientResolvedConfig } from "../MediaConvertClient"; + +/** + * @internal + */ +export interface MediaConvertHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaConvertHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaConvertClientResolvedConfig, + HandlerExecutionContext, + MediaConvertHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaConvertHttpAuthSchemeParametersProvider = async ( + config: MediaConvertClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaConvertHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediaconvert", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaConvertClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaConvertHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaConvertHttpAuthSchemeProvider: MediaConvertHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaConvertHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaConvertHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediaconvert/src/extensionConfiguration.ts b/clients/client-mediaconvert/src/extensionConfiguration.ts index ab0e726748845..246f3af45d347 100644 --- a/clients/client-mediaconvert/src/extensionConfiguration.ts +++ b/clients/client-mediaconvert/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaConvertExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediaconvert/src/runtimeConfig.shared.ts b/clients/client-mediaconvert/src/runtimeConfig.shared.ts index 0e6c205f48be9..7a01767df46e2 100644 --- a/clients/client-mediaconvert/src/runtimeConfig.shared.ts +++ b/clients/client-mediaconvert/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaConvertHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaConvertClientConfig } from "./MediaConvertClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaConvertClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaConvertHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaConvert", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediaconvert/src/runtimeExtensions.ts b/clients/client-mediaconvert/src/runtimeExtensions.ts index 3987a9ffad686..c423cb9a603f7 100644 --- a/clients/client-mediaconvert/src/runtimeExtensions.ts +++ b/clients/client-mediaconvert/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaConvertExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-medialive/package.json b/clients/client-medialive/package.json index 75ff82347750b..b79a5c2b032f6 100644 --- a/clients/client-medialive/package.json +++ b/clients/client-medialive/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-medialive/src/MediaLiveClient.ts b/clients/client-medialive/src/MediaLiveClient.ts index cd79656e4e410..f28c2b0a38f19 100644 --- a/clients/client-medialive/src/MediaLiveClient.ts +++ b/clients/client-medialive/src/MediaLiveClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaLiveHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptInputDeviceTransferCommandInput, AcceptInputDeviceTransferCommandOutput, @@ -418,21 +423,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -477,8 +483,8 @@ export type MediaLiveClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -497,8 +503,8 @@ export type MediaLiveClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -529,8 +535,8 @@ export class MediaLiveClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -539,8 +545,14 @@ export class MediaLiveClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -551,4 +563,13 @@ export class MediaLiveClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaLiveHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaLiveClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-medialive/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-medialive/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..07940100bbc9d --- /dev/null +++ b/clients/client-medialive/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaLiveHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaLiveHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaLiveHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaLiveHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaLiveHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaLiveHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-medialive/src/auth/httpAuthSchemeProvider.ts b/clients/client-medialive/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..927f5dce1fec7 --- /dev/null +++ b/clients/client-medialive/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaLiveClientConfig, MediaLiveClientResolvedConfig } from "../MediaLiveClient"; + +/** + * @internal + */ +export interface MediaLiveHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaLiveHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaLiveClientResolvedConfig, + HandlerExecutionContext, + MediaLiveHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaLiveHttpAuthSchemeParametersProvider = async ( + config: MediaLiveClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaLiveHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "medialive", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaLiveClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaLiveHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaLiveHttpAuthSchemeProvider: MediaLiveHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaLiveHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaLiveHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-medialive/src/extensionConfiguration.ts b/clients/client-medialive/src/extensionConfiguration.ts index 51854ce339a97..2da6b3941b2b0 100644 --- a/clients/client-medialive/src/extensionConfiguration.ts +++ b/clients/client-medialive/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaLiveExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-medialive/src/runtimeConfig.shared.ts b/clients/client-medialive/src/runtimeConfig.shared.ts index 2e53bf60ae579..e3cd66c2b2919 100644 --- a/clients/client-medialive/src/runtimeConfig.shared.ts +++ b/clients/client-medialive/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaLiveHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaLiveClientConfig } from "./MediaLiveClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: MediaLiveClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaLiveHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "MediaLive", diff --git a/clients/client-medialive/src/runtimeExtensions.ts b/clients/client-medialive/src/runtimeExtensions.ts index ab08274eac861..68cf1ee7a8655 100644 --- a/clients/client-medialive/src/runtimeExtensions.ts +++ b/clients/client-medialive/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaLiveExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediapackage-vod/package.json b/clients/client-mediapackage-vod/package.json index 6e9d4801bfaa4..e722d74eb6ef7 100644 --- a/clients/client-mediapackage-vod/package.json +++ b/clients/client-mediapackage-vod/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mediapackage-vod/src/MediaPackageVodClient.ts b/clients/client-mediapackage-vod/src/MediaPackageVodClient.ts index 7243d36a3a364..19e364d553219 100644 --- a/clients/client-mediapackage-vod/src/MediaPackageVodClient.ts +++ b/clients/client-mediapackage-vod/src/MediaPackageVodClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaPackageVodHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ConfigureLogsCommandInput, ConfigureLogsCommandOutput } from "./commands/ConfigureLogsCommand"; import { CreateAssetCommandInput, CreateAssetCommandOutput } from "./commands/CreateAssetCommand"; import { @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type MediaPackageVodClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type MediaPackageVodClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -342,8 +348,8 @@ export class MediaPackageVodClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -352,8 +358,14 @@ export class MediaPackageVodClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -364,4 +376,13 @@ export class MediaPackageVodClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaPackageVodHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaPackageVodClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediapackage-vod/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediapackage-vod/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..38db14fd04807 --- /dev/null +++ b/clients/client-mediapackage-vod/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaPackageVodHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageVodHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaPackageVodHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaPackageVodHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageVodHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaPackageVodHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediapackage-vod/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediapackage-vod/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..44eea038a99f7 --- /dev/null +++ b/clients/client-mediapackage-vod/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaPackageVodClientConfig, MediaPackageVodClientResolvedConfig } from "../MediaPackageVodClient"; + +/** + * @internal + */ +export interface MediaPackageVodHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaPackageVodHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaPackageVodClientResolvedConfig, + HandlerExecutionContext, + MediaPackageVodHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaPackageVodHttpAuthSchemeParametersProvider = async ( + config: MediaPackageVodClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaPackageVodHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediapackage-vod", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaPackageVodClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaPackageVodHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaPackageVodHttpAuthSchemeProvider: MediaPackageVodHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaPackageVodHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaPackageVodHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediapackage-vod/src/extensionConfiguration.ts b/clients/client-mediapackage-vod/src/extensionConfiguration.ts index 8369f441763d6..38a32749212d8 100644 --- a/clients/client-mediapackage-vod/src/extensionConfiguration.ts +++ b/clients/client-mediapackage-vod/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaPackageVodExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediapackage-vod/src/runtimeConfig.shared.ts b/clients/client-mediapackage-vod/src/runtimeConfig.shared.ts index 8a878bc89da6d..b984412c20c62 100644 --- a/clients/client-mediapackage-vod/src/runtimeConfig.shared.ts +++ b/clients/client-mediapackage-vod/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaPackageVodHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaPackageVodClientConfig } from "./MediaPackageVodClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaPackageVodClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaPackageVodHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaPackage Vod", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediapackage-vod/src/runtimeExtensions.ts b/clients/client-mediapackage-vod/src/runtimeExtensions.ts index eaccbdf23157a..d1cbfbd4f5fa6 100644 --- a/clients/client-mediapackage-vod/src/runtimeExtensions.ts +++ b/clients/client-mediapackage-vod/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaPackageVodExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediapackage/package.json b/clients/client-mediapackage/package.json index 97284af5e3653..0b1e19d2c655c 100644 --- a/clients/client-mediapackage/package.json +++ b/clients/client-mediapackage/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mediapackage/src/MediaPackageClient.ts b/clients/client-mediapackage/src/MediaPackageClient.ts index dc4f7750f038b..ce66cea43c950 100644 --- a/clients/client-mediapackage/src/MediaPackageClient.ts +++ b/clients/client-mediapackage/src/MediaPackageClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaPackageHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ConfigureLogsCommandInput, ConfigureLogsCommandOutput } from "./commands/ConfigureLogsCommand"; import { CreateChannelCommandInput, CreateChannelCommandOutput } from "./commands/CreateChannelCommand"; import { CreateHarvestJobCommandInput, CreateHarvestJobCommandOutput } from "./commands/CreateHarvestJobCommand"; @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type MediaPackageClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type MediaPackageClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -342,8 +348,8 @@ export class MediaPackageClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -352,8 +358,14 @@ export class MediaPackageClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -364,4 +376,13 @@ export class MediaPackageClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaPackageHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaPackageClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediapackage/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediapackage/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0136a89cb51d2 --- /dev/null +++ b/clients/client-mediapackage/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaPackageHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaPackageHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaPackageHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaPackageHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediapackage/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediapackage/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f2d6fbaa61925 --- /dev/null +++ b/clients/client-mediapackage/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaPackageClientConfig, MediaPackageClientResolvedConfig } from "../MediaPackageClient"; + +/** + * @internal + */ +export interface MediaPackageHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaPackageHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaPackageClientResolvedConfig, + HandlerExecutionContext, + MediaPackageHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaPackageHttpAuthSchemeParametersProvider = async ( + config: MediaPackageClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaPackageHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediapackage", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaPackageClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaPackageHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaPackageHttpAuthSchemeProvider: MediaPackageHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaPackageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaPackageHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediapackage/src/extensionConfiguration.ts b/clients/client-mediapackage/src/extensionConfiguration.ts index ebde6fd5cf161..4e0898248e9a5 100644 --- a/clients/client-mediapackage/src/extensionConfiguration.ts +++ b/clients/client-mediapackage/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaPackageExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediapackage/src/runtimeConfig.shared.ts b/clients/client-mediapackage/src/runtimeConfig.shared.ts index c877c03ace4d1..e873d87201897 100644 --- a/clients/client-mediapackage/src/runtimeConfig.shared.ts +++ b/clients/client-mediapackage/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaPackageHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaPackageClientConfig } from "./MediaPackageClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaPackageClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaPackageHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaPackage", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediapackage/src/runtimeExtensions.ts b/clients/client-mediapackage/src/runtimeExtensions.ts index 370a7739a9147..25b161f55c146 100644 --- a/clients/client-mediapackage/src/runtimeExtensions.ts +++ b/clients/client-mediapackage/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaPackageExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediapackagev2/package.json b/clients/client-mediapackagev2/package.json index 7d9a313b46523..96e088fab3b3b 100644 --- a/clients/client-mediapackagev2/package.json +++ b/clients/client-mediapackagev2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-mediapackagev2/src/MediaPackageV2Client.ts b/clients/client-mediapackagev2/src/MediaPackageV2Client.ts index cc6392063994c..e9b9940648d85 100644 --- a/clients/client-mediapackagev2/src/MediaPackageV2Client.ts +++ b/clients/client-mediapackagev2/src/MediaPackageV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaPackageV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateChannelCommandInput, CreateChannelCommandOutput } from "./commands/CreateChannelCommand"; import { CreateChannelGroupCommandInput, CreateChannelGroupCommandOutput } from "./commands/CreateChannelGroupCommand"; import { @@ -255,21 +260,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -308,8 +314,8 @@ export type MediaPackageV2ClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -328,8 +334,8 @@ export type MediaPackageV2ClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -371,8 +377,8 @@ export class MediaPackageV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -381,8 +387,14 @@ export class MediaPackageV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -393,4 +405,13 @@ export class MediaPackageV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaPackageV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaPackageV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediapackagev2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediapackagev2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c130b8edbd9ab --- /dev/null +++ b/clients/client-mediapackagev2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaPackageV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaPackageV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaPackageV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaPackageV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaPackageV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediapackagev2/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediapackagev2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d6b50614e1ba3 --- /dev/null +++ b/clients/client-mediapackagev2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaPackageV2ClientConfig, MediaPackageV2ClientResolvedConfig } from "../MediaPackageV2Client"; + +/** + * @internal + */ +export interface MediaPackageV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaPackageV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaPackageV2ClientResolvedConfig, + HandlerExecutionContext, + MediaPackageV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaPackageV2HttpAuthSchemeParametersProvider = async ( + config: MediaPackageV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaPackageV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediapackagev2", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaPackageV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaPackageV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaPackageV2HttpAuthSchemeProvider: MediaPackageV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaPackageV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaPackageV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediapackagev2/src/extensionConfiguration.ts b/clients/client-mediapackagev2/src/extensionConfiguration.ts index 49dece27192e6..b6e82a6a44263 100644 --- a/clients/client-mediapackagev2/src/extensionConfiguration.ts +++ b/clients/client-mediapackagev2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaPackageV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediapackagev2/src/runtimeConfig.shared.ts b/clients/client-mediapackagev2/src/runtimeConfig.shared.ts index 44bfc76c2d1c3..c126a38e95482 100644 --- a/clients/client-mediapackagev2/src/runtimeConfig.shared.ts +++ b/clients/client-mediapackagev2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaPackageV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaPackageV2ClientConfig } from "./MediaPackageV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaPackageV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaPackageV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaPackageV2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediapackagev2/src/runtimeExtensions.ts b/clients/client-mediapackagev2/src/runtimeExtensions.ts index 20d60751707e4..83b762f7f87cf 100644 --- a/clients/client-mediapackagev2/src/runtimeExtensions.ts +++ b/clients/client-mediapackagev2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaPackageV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediastore-data/package.json b/clients/client-mediastore-data/package.json index b608d8a07a276..0db2513fd17c1 100644 --- a/clients/client-mediastore-data/package.json +++ b/clients/client-mediastore-data/package.json @@ -28,7 +28,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -36,7 +35,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -55,8 +54,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-mediastore-data/src/MediaStoreDataClient.ts b/clients/client-mediastore-data/src/MediaStoreDataClient.ts index 3b5bdd2f4cdc1..005f6abda4a31 100644 --- a/clients/client-mediastore-data/src/MediaStoreDataClient.ts +++ b/clients/client-mediastore-data/src/MediaStoreDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaStoreDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteObjectCommandInput, DeleteObjectCommandOutput } from "./commands/DeleteObjectCommand"; import { DescribeObjectCommandInput, DescribeObjectCommandOutput } from "./commands/DescribeObjectCommand"; import { GetObjectCommandInput, GetObjectCommandOutput } from "./commands/GetObjectCommand"; @@ -172,21 +177,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -231,8 +237,8 @@ export type MediaStoreDataClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -251,8 +257,8 @@ export type MediaStoreDataClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -285,8 +291,8 @@ export class MediaStoreDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -295,8 +301,14 @@ export class MediaStoreDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -307,4 +319,13 @@ export class MediaStoreDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaStoreDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaStoreDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediastore-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediastore-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2558a5264ff5e --- /dev/null +++ b/clients/client-mediastore-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaStoreDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaStoreDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaStoreDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaStoreDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaStoreDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaStoreDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediastore-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediastore-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..357d34a83da28 --- /dev/null +++ b/clients/client-mediastore-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaStoreDataClientConfig, MediaStoreDataClientResolvedConfig } from "../MediaStoreDataClient"; + +/** + * @internal + */ +export interface MediaStoreDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaStoreDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaStoreDataClientResolvedConfig, + HandlerExecutionContext, + MediaStoreDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaStoreDataHttpAuthSchemeParametersProvider = async ( + config: MediaStoreDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaStoreDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediastore", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaStoreDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaStoreDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaStoreDataHttpAuthSchemeProvider: MediaStoreDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaStoreDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaStoreDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediastore-data/src/extensionConfiguration.ts b/clients/client-mediastore-data/src/extensionConfiguration.ts index 84d5b5d4f5ebe..fd24ee587d0a7 100644 --- a/clients/client-mediastore-data/src/extensionConfiguration.ts +++ b/clients/client-mediastore-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaStoreDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediastore-data/src/runtimeConfig.shared.ts b/clients/client-mediastore-data/src/runtimeConfig.shared.ts index 18d7aa5bd601f..f5fad005ddaa8 100644 --- a/clients/client-mediastore-data/src/runtimeConfig.shared.ts +++ b/clients/client-mediastore-data/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaStoreDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaStoreDataClientConfig } from "./MediaStoreDataClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: MediaStoreDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaStoreDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "MediaStore Data", diff --git a/clients/client-mediastore-data/src/runtimeExtensions.ts b/clients/client-mediastore-data/src/runtimeExtensions.ts index cd6ee7f987271..b089bd20e0d7e 100644 --- a/clients/client-mediastore-data/src/runtimeExtensions.ts +++ b/clients/client-mediastore-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaStoreDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediastore/package.json b/clients/client-mediastore/package.json index f37ec9bb03180..fb628ba764271 100644 --- a/clients/client-mediastore/package.json +++ b/clients/client-mediastore/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mediastore/src/MediaStoreClient.ts b/clients/client-mediastore/src/MediaStoreClient.ts index e094138ae5510..4722a7db5d8e9 100644 --- a/clients/client-mediastore/src/MediaStoreClient.ts +++ b/clients/client-mediastore/src/MediaStoreClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaStoreHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateContainerCommandInput, CreateContainerCommandOutput } from "./commands/CreateContainerCommand"; import { DeleteContainerCommandInput, DeleteContainerCommandOutput } from "./commands/DeleteContainerCommand"; import { @@ -228,21 +233,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -281,8 +287,8 @@ export type MediaStoreClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export type MediaStoreClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -334,8 +340,8 @@ export class MediaStoreClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -344,8 +350,14 @@ export class MediaStoreClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -356,4 +368,13 @@ export class MediaStoreClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaStoreHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaStoreClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediastore/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediastore/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9351979497b90 --- /dev/null +++ b/clients/client-mediastore/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaStoreHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaStoreHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaStoreHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaStoreHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaStoreHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaStoreHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediastore/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediastore/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9335f9a4c6a36 --- /dev/null +++ b/clients/client-mediastore/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaStoreClientConfig, MediaStoreClientResolvedConfig } from "../MediaStoreClient"; + +/** + * @internal + */ +export interface MediaStoreHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaStoreHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaStoreClientResolvedConfig, + HandlerExecutionContext, + MediaStoreHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaStoreHttpAuthSchemeParametersProvider = async ( + config: MediaStoreClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaStoreHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediastore", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaStoreClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaStoreHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaStoreHttpAuthSchemeProvider: MediaStoreHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaStoreHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaStoreHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediastore/src/extensionConfiguration.ts b/clients/client-mediastore/src/extensionConfiguration.ts index 648c76c77d1f1..c9f792b55e1b8 100644 --- a/clients/client-mediastore/src/extensionConfiguration.ts +++ b/clients/client-mediastore/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaStoreExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediastore/src/runtimeConfig.shared.ts b/clients/client-mediastore/src/runtimeConfig.shared.ts index ff57f1d2e6e9d..15402c67bd068 100644 --- a/clients/client-mediastore/src/runtimeConfig.shared.ts +++ b/clients/client-mediastore/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaStoreHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaStoreClientConfig } from "./MediaStoreClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaStoreClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaStoreHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaStore", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediastore/src/runtimeExtensions.ts b/clients/client-mediastore/src/runtimeExtensions.ts index 53c328aae1e64..ed662b44de013 100644 --- a/clients/client-mediastore/src/runtimeExtensions.ts +++ b/clients/client-mediastore/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaStoreExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mediatailor/package.json b/clients/client-mediatailor/package.json index bf07f6fc1e027..a0fba14b7513e 100644 --- a/clients/client-mediatailor/package.json +++ b/clients/client-mediatailor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mediatailor/src/MediaTailorClient.ts b/clients/client-mediatailor/src/MediaTailorClient.ts index 99e4dab763b1a..56dc96d729c3f 100644 --- a/clients/client-mediatailor/src/MediaTailorClient.ts +++ b/clients/client-mediatailor/src/MediaTailorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMediaTailorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ConfigureLogsForChannelCommandInput, ConfigureLogsForChannelCommandOutput, @@ -339,21 +344,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -392,8 +398,8 @@ export type MediaTailorClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -412,8 +418,8 @@ export type MediaTailorClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -445,8 +451,8 @@ export class MediaTailorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -455,8 +461,14 @@ export class MediaTailorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -467,4 +479,13 @@ export class MediaTailorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMediaTailorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MediaTailorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mediatailor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mediatailor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..31aa1d1680588 --- /dev/null +++ b/clients/client-mediatailor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MediaTailorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaTailorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MediaTailorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MediaTailorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MediaTailorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MediaTailorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mediatailor/src/auth/httpAuthSchemeProvider.ts b/clients/client-mediatailor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..964c67f3bbd4d --- /dev/null +++ b/clients/client-mediatailor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MediaTailorClientConfig, MediaTailorClientResolvedConfig } from "../MediaTailorClient"; + +/** + * @internal + */ +export interface MediaTailorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MediaTailorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MediaTailorClientResolvedConfig, + HandlerExecutionContext, + MediaTailorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMediaTailorHttpAuthSchemeParametersProvider = async ( + config: MediaTailorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MediaTailorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mediatailor", + region: authParameters.region, + }, + propertiesExtractor: (config: MediaTailorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MediaTailorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMediaTailorHttpAuthSchemeProvider: MediaTailorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MediaTailorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MediaTailorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mediatailor/src/extensionConfiguration.ts b/clients/client-mediatailor/src/extensionConfiguration.ts index 588f455300d85..946d51096e2fe 100644 --- a/clients/client-mediatailor/src/extensionConfiguration.ts +++ b/clients/client-mediatailor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MediaTailorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mediatailor/src/runtimeConfig.shared.ts b/clients/client-mediatailor/src/runtimeConfig.shared.ts index 829989c153b0f..ae5fa2b68851c 100644 --- a/clients/client-mediatailor/src/runtimeConfig.shared.ts +++ b/clients/client-mediatailor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMediaTailorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MediaTailorClientConfig } from "./MediaTailorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MediaTailorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMediaTailorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MediaTailor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mediatailor/src/runtimeExtensions.ts b/clients/client-mediatailor/src/runtimeExtensions.ts index 7da60696721d7..c7ce73ba47821 100644 --- a/clients/client-mediatailor/src/runtimeExtensions.ts +++ b/clients/client-mediatailor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MediaTailorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-medical-imaging/package.json b/clients/client-medical-imaging/package.json index 58bad17bb9d94..8d924cdf4b56d 100644 --- a/clients/client-medical-imaging/package.json +++ b/clients/client-medical-imaging/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-medical-imaging/src/MedicalImagingClient.ts b/clients/client-medical-imaging/src/MedicalImagingClient.ts index dbe60e782c76e..10f4c3289c4a2 100644 --- a/clients/client-medical-imaging/src/MedicalImagingClient.ts +++ b/clients/client-medical-imaging/src/MedicalImagingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMedicalImagingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CopyImageSetCommandInput, CopyImageSetCommandOutput } from "./commands/CopyImageSetCommand"; import { CreateDatastoreCommandInput, CreateDatastoreCommandOutput } from "./commands/CreateDatastoreCommand"; import { DeleteDatastoreCommandInput, DeleteDatastoreCommandOutput } from "./commands/DeleteDatastoreCommand"; @@ -229,21 +234,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -288,8 +294,8 @@ export type MedicalImagingClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -308,8 +314,8 @@ export type MedicalImagingClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -490,8 +496,8 @@ export class MedicalImagingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -500,8 +506,14 @@ export class MedicalImagingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -512,4 +524,13 @@ export class MedicalImagingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMedicalImagingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MedicalImagingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-medical-imaging/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-medical-imaging/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f5d3c43f9debe --- /dev/null +++ b/clients/client-medical-imaging/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MedicalImagingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MedicalImagingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MedicalImagingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MedicalImagingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MedicalImagingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MedicalImagingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-medical-imaging/src/auth/httpAuthSchemeProvider.ts b/clients/client-medical-imaging/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3b14cdc103258 --- /dev/null +++ b/clients/client-medical-imaging/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MedicalImagingClientConfig, MedicalImagingClientResolvedConfig } from "../MedicalImagingClient"; + +/** + * @internal + */ +export interface MedicalImagingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MedicalImagingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MedicalImagingClientResolvedConfig, + HandlerExecutionContext, + MedicalImagingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMedicalImagingHttpAuthSchemeParametersProvider = async ( + config: MedicalImagingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MedicalImagingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "medical-imaging", + region: authParameters.region, + }, + propertiesExtractor: (config: MedicalImagingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MedicalImagingHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMedicalImagingHttpAuthSchemeProvider: MedicalImagingHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MedicalImagingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MedicalImagingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-medical-imaging/src/extensionConfiguration.ts b/clients/client-medical-imaging/src/extensionConfiguration.ts index 7485b5269ba0c..f052ea51a763e 100644 --- a/clients/client-medical-imaging/src/extensionConfiguration.ts +++ b/clients/client-medical-imaging/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MedicalImagingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-medical-imaging/src/runtimeConfig.shared.ts b/clients/client-medical-imaging/src/runtimeConfig.shared.ts index 58716923e3612..046e08c7452b7 100644 --- a/clients/client-medical-imaging/src/runtimeConfig.shared.ts +++ b/clients/client-medical-imaging/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMedicalImagingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MedicalImagingClientConfig } from "./MedicalImagingClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: MedicalImagingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMedicalImagingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Medical Imaging", diff --git a/clients/client-medical-imaging/src/runtimeExtensions.ts b/clients/client-medical-imaging/src/runtimeExtensions.ts index a5c2d42bc3915..3ad6808f9df72 100644 --- a/clients/client-medical-imaging/src/runtimeExtensions.ts +++ b/clients/client-medical-imaging/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MedicalImagingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-memorydb/package.json b/clients/client-memorydb/package.json index 96984571b7190..12b70e7fe5664 100644 --- a/clients/client-memorydb/package.json +++ b/clients/client-memorydb/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-memorydb/src/MemoryDBClient.ts b/clients/client-memorydb/src/MemoryDBClient.ts index 64f9b38137d80..40b8597f8e359 100644 --- a/clients/client-memorydb/src/MemoryDBClient.ts +++ b/clients/client-memorydb/src/MemoryDBClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMemoryDBHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchUpdateClusterCommandInput, BatchUpdateClusterCommandOutput } from "./commands/BatchUpdateClusterCommand"; import { CopySnapshotCommandInput, CopySnapshotCommandOutput } from "./commands/CopySnapshotCommand"; import { CreateACLCommandInput, CreateACLCommandOutput } from "./commands/CreateACLCommand"; @@ -306,21 +311,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -359,8 +365,8 @@ export type MemoryDBClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -379,8 +385,8 @@ export type MemoryDBClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -413,8 +419,8 @@ export class MemoryDBClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -423,8 +429,14 @@ export class MemoryDBClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -435,4 +447,13 @@ export class MemoryDBClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMemoryDBHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MemoryDBClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-memorydb/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-memorydb/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ae76884f59971 --- /dev/null +++ b/clients/client-memorydb/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MemoryDBHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MemoryDBHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MemoryDBHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MemoryDBHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MemoryDBHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MemoryDBHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-memorydb/src/auth/httpAuthSchemeProvider.ts b/clients/client-memorydb/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f9ab5b4867f83 --- /dev/null +++ b/clients/client-memorydb/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MemoryDBClientConfig, MemoryDBClientResolvedConfig } from "../MemoryDBClient"; + +/** + * @internal + */ +export interface MemoryDBHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MemoryDBHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MemoryDBClientResolvedConfig, + HandlerExecutionContext, + MemoryDBHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMemoryDBHttpAuthSchemeParametersProvider = async ( + config: MemoryDBClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MemoryDBHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "memorydb", + region: authParameters.region, + }, + propertiesExtractor: (config: MemoryDBClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MemoryDBHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMemoryDBHttpAuthSchemeProvider: MemoryDBHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MemoryDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MemoryDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-memorydb/src/extensionConfiguration.ts b/clients/client-memorydb/src/extensionConfiguration.ts index b1127579a164f..20a82d55cc441 100644 --- a/clients/client-memorydb/src/extensionConfiguration.ts +++ b/clients/client-memorydb/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MemoryDBExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-memorydb/src/runtimeConfig.shared.ts b/clients/client-memorydb/src/runtimeConfig.shared.ts index 0c4818c47fcfc..95d0a4db0ba5d 100644 --- a/clients/client-memorydb/src/runtimeConfig.shared.ts +++ b/clients/client-memorydb/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMemoryDBHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MemoryDBClientConfig } from "./MemoryDBClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MemoryDBClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMemoryDBHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MemoryDB", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-memorydb/src/runtimeExtensions.ts b/clients/client-memorydb/src/runtimeExtensions.ts index 1871ecc9cdac1..a82988e898c90 100644 --- a/clients/client-memorydb/src/runtimeExtensions.ts +++ b/clients/client-memorydb/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MemoryDBExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mgn/package.json b/clients/client-mgn/package.json index c41b46cdd1c35..3e086afd84b3c 100644 --- a/clients/client-mgn/package.json +++ b/clients/client-mgn/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-mgn/src/MgnClient.ts b/clients/client-mgn/src/MgnClient.ts index abe503094ec9c..6a00493a8e8d0 100644 --- a/clients/client-mgn/src/MgnClient.ts +++ b/clients/client-mgn/src/MgnClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMgnHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ArchiveApplicationCommandInput, ArchiveApplicationCommandOutput } from "./commands/ArchiveApplicationCommand"; import { ArchiveWaveCommandInput, ArchiveWaveCommandOutput } from "./commands/ArchiveWaveCommand"; import { @@ -465,21 +470,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -518,8 +524,8 @@ export type MgnClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -538,8 +544,8 @@ export type MgnClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -570,8 +576,8 @@ export class MgnClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -580,8 +586,14 @@ export class MgnClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -592,4 +604,13 @@ export class MgnClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMgnHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MgnClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mgn/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mgn/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..85ba0000aba90 --- /dev/null +++ b/clients/client-mgn/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MgnHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MgnHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MgnHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MgnHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MgnHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MgnHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mgn/src/auth/httpAuthSchemeProvider.ts b/clients/client-mgn/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a35ea1fdf0623 --- /dev/null +++ b/clients/client-mgn/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MgnClientConfig, MgnClientResolvedConfig } from "../MgnClient"; + +/** + * @internal + */ +export interface MgnHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MgnHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MgnClientResolvedConfig, + HandlerExecutionContext, + MgnHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMgnHttpAuthSchemeParametersProvider = async ( + config: MgnClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MgnHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mgn", + region: authParameters.region, + }, + propertiesExtractor: (config: MgnClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MgnHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMgnHttpAuthSchemeProvider: MgnHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MgnHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MgnHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mgn/src/extensionConfiguration.ts b/clients/client-mgn/src/extensionConfiguration.ts index 5c97d4f63f6d2..415cb2b7d9028 100644 --- a/clients/client-mgn/src/extensionConfiguration.ts +++ b/clients/client-mgn/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MgnExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mgn/src/runtimeConfig.shared.ts b/clients/client-mgn/src/runtimeConfig.shared.ts index fc6a980494c55..2bd60f9fefe9d 100644 --- a/clients/client-mgn/src/runtimeConfig.shared.ts +++ b/clients/client-mgn/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMgnHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MgnClientConfig } from "./MgnClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MgnClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMgnHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "mgn", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mgn/src/runtimeExtensions.ts b/clients/client-mgn/src/runtimeExtensions.ts index 9212097389ae7..b1b44ae2cb0e8 100644 --- a/clients/client-mgn/src/runtimeExtensions.ts +++ b/clients/client-mgn/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MgnExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-migration-hub-refactor-spaces/package.json b/clients/client-migration-hub-refactor-spaces/package.json index 2a9757bfbbb65..4534b374aece1 100644 --- a/clients/client-migration-hub-refactor-spaces/package.json +++ b/clients/client-migration-hub-refactor-spaces/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-migration-hub-refactor-spaces/src/MigrationHubRefactorSpacesClient.ts b/clients/client-migration-hub-refactor-spaces/src/MigrationHubRefactorSpacesClient.ts index 9f29a0ea57ad9..4c361d2c8c156 100644 --- a/clients/client-migration-hub-refactor-spaces/src/MigrationHubRefactorSpacesClient.ts +++ b/clients/client-migration-hub-refactor-spaces/src/MigrationHubRefactorSpacesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMigrationHubRefactorSpacesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { CreateEnvironmentCommandInput, CreateEnvironmentCommandOutput } from "./commands/CreateEnvironmentCommand"; import { CreateRouteCommandInput, CreateRouteCommandOutput } from "./commands/CreateRouteCommand"; @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type MigrationHubRefactorSpacesClientConfigType = Partial<__SmithyConfigu EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type MigrationHubRefactorSpacesClientResolvedConfigType = __SmithyResolve EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -350,8 +356,8 @@ export class MigrationHubRefactorSpacesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -360,8 +366,14 @@ export class MigrationHubRefactorSpacesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -372,4 +384,13 @@ export class MigrationHubRefactorSpacesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMigrationHubRefactorSpacesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MigrationHubRefactorSpacesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0d5c600fb0596 --- /dev/null +++ b/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MigrationHubRefactorSpacesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubRefactorSpacesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MigrationHubRefactorSpacesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MigrationHubRefactorSpacesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubRefactorSpacesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MigrationHubRefactorSpacesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthSchemeProvider.ts b/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e0f05098d448d --- /dev/null +++ b/clients/client-migration-hub-refactor-spaces/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MigrationHubRefactorSpacesClientConfig, + MigrationHubRefactorSpacesClientResolvedConfig, +} from "../MigrationHubRefactorSpacesClient"; + +/** + * @internal + */ +export interface MigrationHubRefactorSpacesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MigrationHubRefactorSpacesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MigrationHubRefactorSpacesClientResolvedConfig, + HandlerExecutionContext, + MigrationHubRefactorSpacesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMigrationHubRefactorSpacesHttpAuthSchemeParametersProvider = async ( + config: MigrationHubRefactorSpacesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MigrationHubRefactorSpacesHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "refactor-spaces", + region: authParameters.region, + }, + propertiesExtractor: (config: MigrationHubRefactorSpacesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MigrationHubRefactorSpacesHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMigrationHubRefactorSpacesHttpAuthSchemeProvider: MigrationHubRefactorSpacesHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MigrationHubRefactorSpacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MigrationHubRefactorSpacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-migration-hub-refactor-spaces/src/extensionConfiguration.ts b/clients/client-migration-hub-refactor-spaces/src/extensionConfiguration.ts index 4e9d209a68ed1..ff85a1b887c1f 100644 --- a/clients/client-migration-hub-refactor-spaces/src/extensionConfiguration.ts +++ b/clients/client-migration-hub-refactor-spaces/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MigrationHubRefactorSpacesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-migration-hub-refactor-spaces/src/runtimeConfig.shared.ts b/clients/client-migration-hub-refactor-spaces/src/runtimeConfig.shared.ts index faf1f6e921039..d78a03dc20504 100644 --- a/clients/client-migration-hub-refactor-spaces/src/runtimeConfig.shared.ts +++ b/clients/client-migration-hub-refactor-spaces/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMigrationHubRefactorSpacesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MigrationHubRefactorSpacesClientConfig } from "./MigrationHubRefactorSpacesClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MigrationHubRefactorSpacesClientConfig) disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMigrationHubRefactorSpacesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Migration Hub Refactor Spaces", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-migration-hub-refactor-spaces/src/runtimeExtensions.ts b/clients/client-migration-hub-refactor-spaces/src/runtimeExtensions.ts index f1211b022de7f..8a90215603898 100644 --- a/clients/client-migration-hub-refactor-spaces/src/runtimeExtensions.ts +++ b/clients/client-migration-hub-refactor-spaces/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MigrationHubRefactorSpacesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-migration-hub/package.json b/clients/client-migration-hub/package.json index 2c549cecba567..92d4862025b71 100644 --- a/clients/client-migration-hub/package.json +++ b/clients/client-migration-hub/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-migration-hub/src/MigrationHubClient.ts b/clients/client-migration-hub/src/MigrationHubClient.ts index 5538b9039b595..86098b963c178 100644 --- a/clients/client-migration-hub/src/MigrationHubClient.ts +++ b/clients/client-migration-hub/src/MigrationHubClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMigrationHubHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateCreatedArtifactCommandInput, AssociateCreatedArtifactCommandOutput, @@ -255,21 +260,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -308,8 +314,8 @@ export type MigrationHubClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -328,8 +334,8 @@ export type MigrationHubClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -365,8 +371,8 @@ export class MigrationHubClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -375,8 +381,14 @@ export class MigrationHubClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -387,4 +399,13 @@ export class MigrationHubClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMigrationHubHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MigrationHubClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-migration-hub/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-migration-hub/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..250a81648602e --- /dev/null +++ b/clients/client-migration-hub/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MigrationHubHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MigrationHubHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MigrationHubHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MigrationHubHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-migration-hub/src/auth/httpAuthSchemeProvider.ts b/clients/client-migration-hub/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c6af1fc654431 --- /dev/null +++ b/clients/client-migration-hub/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MigrationHubClientConfig, MigrationHubClientResolvedConfig } from "../MigrationHubClient"; + +/** + * @internal + */ +export interface MigrationHubHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MigrationHubHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MigrationHubClientResolvedConfig, + HandlerExecutionContext, + MigrationHubHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMigrationHubHttpAuthSchemeParametersProvider = async ( + config: MigrationHubClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MigrationHubHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mgh", + region: authParameters.region, + }, + propertiesExtractor: (config: MigrationHubClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MigrationHubHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMigrationHubHttpAuthSchemeProvider: MigrationHubHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MigrationHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MigrationHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-migration-hub/src/extensionConfiguration.ts b/clients/client-migration-hub/src/extensionConfiguration.ts index 582dd7abe9f95..68a5bf9528dab 100644 --- a/clients/client-migration-hub/src/extensionConfiguration.ts +++ b/clients/client-migration-hub/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MigrationHubExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-migration-hub/src/runtimeConfig.shared.ts b/clients/client-migration-hub/src/runtimeConfig.shared.ts index 82b543b251fdb..d1337320c04a5 100644 --- a/clients/client-migration-hub/src/runtimeConfig.shared.ts +++ b/clients/client-migration-hub/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMigrationHubHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MigrationHubClientConfig } from "./MigrationHubClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MigrationHubClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMigrationHubHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Migration Hub", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-migration-hub/src/runtimeExtensions.ts b/clients/client-migration-hub/src/runtimeExtensions.ts index f1857e72b9512..a9a29d90acae0 100644 --- a/clients/client-migration-hub/src/runtimeExtensions.ts +++ b/clients/client-migration-hub/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MigrationHubExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-migrationhub-config/package.json b/clients/client-migrationhub-config/package.json index 904dc93fbb9dd..dbfe03b6d9134 100644 --- a/clients/client-migrationhub-config/package.json +++ b/clients/client-migrationhub-config/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-migrationhub-config/src/MigrationHubConfigClient.ts b/clients/client-migrationhub-config/src/MigrationHubConfigClient.ts index 9d300fb8c0f1d..28ffc6586ffd0 100644 --- a/clients/client-migrationhub-config/src/MigrationHubConfigClient.ts +++ b/clients/client-migrationhub-config/src/MigrationHubConfigClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMigrationHubConfigHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateHomeRegionControlCommandInput, CreateHomeRegionControlCommandOutput, @@ -177,21 +182,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -230,8 +236,8 @@ export type MigrationHubConfigClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -250,8 +256,8 @@ export type MigrationHubConfigClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -305,8 +311,8 @@ export class MigrationHubConfigClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -315,8 +321,14 @@ export class MigrationHubConfigClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -327,4 +339,13 @@ export class MigrationHubConfigClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMigrationHubConfigHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MigrationHubConfigClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-migrationhub-config/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-migrationhub-config/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0121137bfe143 --- /dev/null +++ b/clients/client-migrationhub-config/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MigrationHubConfigHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubConfigHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MigrationHubConfigHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MigrationHubConfigHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubConfigHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MigrationHubConfigHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-migrationhub-config/src/auth/httpAuthSchemeProvider.ts b/clients/client-migrationhub-config/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..359f1b5d8869b --- /dev/null +++ b/clients/client-migrationhub-config/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MigrationHubConfigClientConfig, MigrationHubConfigClientResolvedConfig } from "../MigrationHubConfigClient"; + +/** + * @internal + */ +export interface MigrationHubConfigHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MigrationHubConfigHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MigrationHubConfigClientResolvedConfig, + HandlerExecutionContext, + MigrationHubConfigHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMigrationHubConfigHttpAuthSchemeParametersProvider = async ( + config: MigrationHubConfigClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MigrationHubConfigHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mgh", + region: authParameters.region, + }, + propertiesExtractor: (config: MigrationHubConfigClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MigrationHubConfigHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMigrationHubConfigHttpAuthSchemeProvider: MigrationHubConfigHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MigrationHubConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MigrationHubConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-migrationhub-config/src/extensionConfiguration.ts b/clients/client-migrationhub-config/src/extensionConfiguration.ts index dc605ab3478d8..b68cf324626b0 100644 --- a/clients/client-migrationhub-config/src/extensionConfiguration.ts +++ b/clients/client-migrationhub-config/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MigrationHubConfigExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-migrationhub-config/src/runtimeConfig.shared.ts b/clients/client-migrationhub-config/src/runtimeConfig.shared.ts index 247e5a3a2d946..11ea7edde51a9 100644 --- a/clients/client-migrationhub-config/src/runtimeConfig.shared.ts +++ b/clients/client-migrationhub-config/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMigrationHubConfigHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MigrationHubConfigClientConfig } from "./MigrationHubConfigClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MigrationHubConfigClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMigrationHubConfigHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MigrationHub Config", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-migrationhub-config/src/runtimeExtensions.ts b/clients/client-migrationhub-config/src/runtimeExtensions.ts index 8928d2f6354f2..c108ddf22dfc7 100644 --- a/clients/client-migrationhub-config/src/runtimeExtensions.ts +++ b/clients/client-migrationhub-config/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MigrationHubConfigExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-migrationhuborchestrator/package.json b/clients/client-migrationhuborchestrator/package.json index 1e7a9ea4204fb..5d646b66623b4 100644 --- a/clients/client-migrationhuborchestrator/package.json +++ b/clients/client-migrationhuborchestrator/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-migrationhuborchestrator/src/MigrationHubOrchestratorClient.ts b/clients/client-migrationhuborchestrator/src/MigrationHubOrchestratorClient.ts index 0a661777fe442..3636e823da30a 100644 --- a/clients/client-migrationhuborchestrator/src/MigrationHubOrchestratorClient.ts +++ b/clients/client-migrationhuborchestrator/src/MigrationHubOrchestratorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMigrationHubOrchestratorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateWorkflowCommandInput, CreateWorkflowCommandOutput } from "./commands/CreateWorkflowCommand"; import { CreateWorkflowStepCommandInput, CreateWorkflowStepCommandOutput } from "./commands/CreateWorkflowStepCommand"; import { @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type MigrationHubOrchestratorClientConfigType = Partial<__SmithyConfigura EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type MigrationHubOrchestratorClientResolvedConfigType = __SmithyResolvedC EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -374,8 +380,8 @@ export class MigrationHubOrchestratorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -384,8 +390,14 @@ export class MigrationHubOrchestratorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -396,4 +408,13 @@ export class MigrationHubOrchestratorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMigrationHubOrchestratorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MigrationHubOrchestratorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-migrationhuborchestrator/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-migrationhuborchestrator/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9dc08636f2424 --- /dev/null +++ b/clients/client-migrationhuborchestrator/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MigrationHubOrchestratorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubOrchestratorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MigrationHubOrchestratorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MigrationHubOrchestratorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubOrchestratorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MigrationHubOrchestratorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-migrationhuborchestrator/src/auth/httpAuthSchemeProvider.ts b/clients/client-migrationhuborchestrator/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..56c0604de18df --- /dev/null +++ b/clients/client-migrationhuborchestrator/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MigrationHubOrchestratorClientConfig, + MigrationHubOrchestratorClientResolvedConfig, +} from "../MigrationHubOrchestratorClient"; + +/** + * @internal + */ +export interface MigrationHubOrchestratorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MigrationHubOrchestratorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MigrationHubOrchestratorClientResolvedConfig, + HandlerExecutionContext, + MigrationHubOrchestratorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMigrationHubOrchestratorHttpAuthSchemeParametersProvider = async ( + config: MigrationHubOrchestratorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MigrationHubOrchestratorHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "migrationhub-orchestrator", + region: authParameters.region, + }, + propertiesExtractor: (config: MigrationHubOrchestratorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MigrationHubOrchestratorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMigrationHubOrchestratorHttpAuthSchemeProvider: MigrationHubOrchestratorHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MigrationHubOrchestratorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MigrationHubOrchestratorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-migrationhuborchestrator/src/extensionConfiguration.ts b/clients/client-migrationhuborchestrator/src/extensionConfiguration.ts index 858eeadb46728..23e64d2b877b2 100644 --- a/clients/client-migrationhuborchestrator/src/extensionConfiguration.ts +++ b/clients/client-migrationhuborchestrator/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MigrationHubOrchestratorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-migrationhuborchestrator/src/runtimeConfig.shared.ts b/clients/client-migrationhuborchestrator/src/runtimeConfig.shared.ts index a325da68cbe51..2d3f4db54f063 100644 --- a/clients/client-migrationhuborchestrator/src/runtimeConfig.shared.ts +++ b/clients/client-migrationhuborchestrator/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMigrationHubOrchestratorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MigrationHubOrchestratorClientConfig } from "./MigrationHubOrchestratorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MigrationHubOrchestratorClientConfig) = disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMigrationHubOrchestratorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MigrationHubOrchestrator", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-migrationhuborchestrator/src/runtimeExtensions.ts b/clients/client-migrationhuborchestrator/src/runtimeExtensions.ts index 1ff93c90a6b0a..bd91b6d17317a 100644 --- a/clients/client-migrationhuborchestrator/src/runtimeExtensions.ts +++ b/clients/client-migrationhuborchestrator/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MigrationHubOrchestratorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-migrationhubstrategy/package.json b/clients/client-migrationhubstrategy/package.json index 82b0bfac1e3d8..c8e524895c67c 100644 --- a/clients/client-migrationhubstrategy/package.json +++ b/clients/client-migrationhubstrategy/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-migrationhubstrategy/src/MigrationHubStrategyClient.ts b/clients/client-migrationhubstrategy/src/MigrationHubStrategyClient.ts index 13613fe267e2d..aebe938d486f9 100644 --- a/clients/client-migrationhubstrategy/src/MigrationHubStrategyClient.ts +++ b/clients/client-migrationhubstrategy/src/MigrationHubStrategyClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMigrationHubStrategyHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetApplicationComponentDetailsCommandInput, GetApplicationComponentDetailsCommandOutput, @@ -261,21 +266,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -314,8 +320,8 @@ export type MigrationHubStrategyClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -334,8 +340,8 @@ export type MigrationHubStrategyClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -371,8 +377,8 @@ export class MigrationHubStrategyClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -381,8 +387,14 @@ export class MigrationHubStrategyClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -393,4 +405,13 @@ export class MigrationHubStrategyClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMigrationHubStrategyHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MigrationHubStrategyClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-migrationhubstrategy/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-migrationhubstrategy/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a241f2a394609 --- /dev/null +++ b/clients/client-migrationhubstrategy/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MigrationHubStrategyHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubStrategyHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MigrationHubStrategyHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MigrationHubStrategyHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MigrationHubStrategyHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MigrationHubStrategyHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-migrationhubstrategy/src/auth/httpAuthSchemeProvider.ts b/clients/client-migrationhubstrategy/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1b02a762541e4 --- /dev/null +++ b/clients/client-migrationhubstrategy/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + MigrationHubStrategyClientConfig, + MigrationHubStrategyClientResolvedConfig, +} from "../MigrationHubStrategyClient"; + +/** + * @internal + */ +export interface MigrationHubStrategyHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MigrationHubStrategyHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MigrationHubStrategyClientResolvedConfig, + HandlerExecutionContext, + MigrationHubStrategyHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMigrationHubStrategyHttpAuthSchemeParametersProvider = async ( + config: MigrationHubStrategyClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: MigrationHubStrategyHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "migrationhub-strategy", + region: authParameters.region, + }, + propertiesExtractor: (config: MigrationHubStrategyClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MigrationHubStrategyHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMigrationHubStrategyHttpAuthSchemeProvider: MigrationHubStrategyHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MigrationHubStrategyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MigrationHubStrategyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-migrationhubstrategy/src/extensionConfiguration.ts b/clients/client-migrationhubstrategy/src/extensionConfiguration.ts index 8f83550ee5ea3..9049feb120f41 100644 --- a/clients/client-migrationhubstrategy/src/extensionConfiguration.ts +++ b/clients/client-migrationhubstrategy/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MigrationHubStrategyExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-migrationhubstrategy/src/runtimeConfig.shared.ts b/clients/client-migrationhubstrategy/src/runtimeConfig.shared.ts index 84fe4e2f566c4..1de557047d732 100644 --- a/clients/client-migrationhubstrategy/src/runtimeConfig.shared.ts +++ b/clients/client-migrationhubstrategy/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMigrationHubStrategyHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MigrationHubStrategyClientConfig } from "./MigrationHubStrategyClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MigrationHubStrategyClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMigrationHubStrategyHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MigrationHubStrategy", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-migrationhubstrategy/src/runtimeExtensions.ts b/clients/client-migrationhubstrategy/src/runtimeExtensions.ts index 6db3eabe83a08..60ede000b221d 100644 --- a/clients/client-migrationhubstrategy/src/runtimeExtensions.ts +++ b/clients/client-migrationhubstrategy/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MigrationHubStrategyExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mobile/package.json b/clients/client-mobile/package.json index 3f855b47b064c..4e17bcbe48a4e 100644 --- a/clients/client-mobile/package.json +++ b/clients/client-mobile/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mobile/src/MobileClient.ts b/clients/client-mobile/src/MobileClient.ts index 464f2da1e09b8..1d4e71fe31c39 100644 --- a/clients/client-mobile/src/MobileClient.ts +++ b/clients/client-mobile/src/MobileClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMobileHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateProjectCommandInput, CreateProjectCommandOutput } from "./commands/CreateProjectCommand"; import { DeleteProjectCommandInput, DeleteProjectCommandOutput } from "./commands/DeleteProjectCommand"; import { DescribeBundleCommandInput, DescribeBundleCommandOutput } from "./commands/DescribeBundleCommand"; @@ -183,21 +188,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -236,8 +242,8 @@ export type MobileClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -256,8 +262,8 @@ export type MobileClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export class MobileClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -302,8 +308,14 @@ export class MobileClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -314,4 +326,13 @@ export class MobileClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMobileHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MobileClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mobile/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mobile/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b71ae33d61526 --- /dev/null +++ b/clients/client-mobile/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MobileHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MobileHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MobileHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MobileHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MobileHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MobileHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mobile/src/auth/httpAuthSchemeProvider.ts b/clients/client-mobile/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e47933e7c5b32 --- /dev/null +++ b/clients/client-mobile/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MobileClientConfig, MobileClientResolvedConfig } from "../MobileClient"; + +/** + * @internal + */ +export interface MobileHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MobileHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MobileClientResolvedConfig, + HandlerExecutionContext, + MobileHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMobileHttpAuthSchemeParametersProvider = async ( + config: MobileClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MobileHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "AWSMobileHubService", + region: authParameters.region, + }, + propertiesExtractor: (config: MobileClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MobileHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMobileHttpAuthSchemeProvider: MobileHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MobileHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MobileHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mobile/src/extensionConfiguration.ts b/clients/client-mobile/src/extensionConfiguration.ts index c50e7305bf91a..f45502d65dfac 100644 --- a/clients/client-mobile/src/extensionConfiguration.ts +++ b/clients/client-mobile/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MobileExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mobile/src/runtimeConfig.shared.ts b/clients/client-mobile/src/runtimeConfig.shared.ts index bb06e85a6d9d3..0d0abdd744c26 100644 --- a/clients/client-mobile/src/runtimeConfig.shared.ts +++ b/clients/client-mobile/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMobileHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MobileClientConfig } from "./MobileClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MobileClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMobileHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Mobile", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mobile/src/runtimeExtensions.ts b/clients/client-mobile/src/runtimeExtensions.ts index a20a0790e1268..7e5c5173d480f 100644 --- a/clients/client-mobile/src/runtimeExtensions.ts +++ b/clients/client-mobile/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MobileExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mq/package.json b/clients/client-mq/package.json index 7a66453365b3b..213c9c8ef559d 100644 --- a/clients/client-mq/package.json +++ b/clients/client-mq/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-mq/src/MqClient.ts b/clients/client-mq/src/MqClient.ts index 92f192af25f72..267fa0ac6f4ff 100644 --- a/clients/client-mq/src/MqClient.ts +++ b/clients/client-mq/src/MqClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMqHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBrokerCommandInput, CreateBrokerCommandOutput } from "./commands/CreateBrokerCommand"; import { CreateConfigurationCommandInput, @@ -246,21 +251,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -299,8 +305,8 @@ export type MqClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpti EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -319,8 +325,8 @@ export type MqClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHan EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -351,8 +357,8 @@ export class MqClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -361,8 +367,14 @@ export class MqClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -373,4 +385,13 @@ export class MqClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMqHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MqClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mq/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mq/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..34ef21d3118c6 --- /dev/null +++ b/clients/client-mq/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MqHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MqHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MqHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MqHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MqHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MqHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mq/src/auth/httpAuthSchemeProvider.ts b/clients/client-mq/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e8e3cf25c88e7 --- /dev/null +++ b/clients/client-mq/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MqClientConfig, MqClientResolvedConfig } from "../MqClient"; + +/** + * @internal + */ +export interface MqHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MqHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MqClientResolvedConfig, + HandlerExecutionContext, + MqHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMqHttpAuthSchemeParametersProvider = async ( + config: MqClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MqHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mq", + region: authParameters.region, + }, + propertiesExtractor: (config: MqClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MqHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMqHttpAuthSchemeProvider: MqHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MqHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MqHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mq/src/extensionConfiguration.ts b/clients/client-mq/src/extensionConfiguration.ts index 6867aab0eb996..1d198b53dabbd 100644 --- a/clients/client-mq/src/extensionConfiguration.ts +++ b/clients/client-mq/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MqExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mq/src/runtimeConfig.shared.ts b/clients/client-mq/src/runtimeConfig.shared.ts index ed6deef94af3b..808b3905a6f45 100644 --- a/clients/client-mq/src/runtimeConfig.shared.ts +++ b/clients/client-mq/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMqHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MqClientConfig } from "./MqClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MqClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMqHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "mq", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mq/src/runtimeExtensions.ts b/clients/client-mq/src/runtimeExtensions.ts index fd9552ba06763..9d4dc609b3bc0 100644 --- a/clients/client-mq/src/runtimeExtensions.ts +++ b/clients/client-mq/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MqExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mturk/package.json b/clients/client-mturk/package.json index 96189f5907af4..8311e92f1c546 100644 --- a/clients/client-mturk/package.json +++ b/clients/client-mturk/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mturk/src/MTurkClient.ts b/clients/client-mturk/src/MTurkClient.ts index 202247b2ca576..67ffdee46c5f5 100644 --- a/clients/client-mturk/src/MTurkClient.ts +++ b/clients/client-mturk/src/MTurkClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMTurkHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptQualificationRequestCommandInput, AcceptQualificationRequestCommandOutput, @@ -336,21 +341,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -389,8 +395,8 @@ export type MTurkClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -409,8 +415,8 @@ export type MTurkClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -441,8 +447,8 @@ export class MTurkClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -451,8 +457,14 @@ export class MTurkClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -463,4 +475,13 @@ export class MTurkClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMTurkHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MTurkClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mturk/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mturk/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..40511050c2155 --- /dev/null +++ b/clients/client-mturk/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MTurkHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MTurkHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MTurkHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MTurkHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MTurkHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MTurkHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mturk/src/auth/httpAuthSchemeProvider.ts b/clients/client-mturk/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c1eb8f40f5be9 --- /dev/null +++ b/clients/client-mturk/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MTurkClientConfig, MTurkClientResolvedConfig } from "../MTurkClient"; + +/** + * @internal + */ +export interface MTurkHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MTurkHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MTurkClientResolvedConfig, + HandlerExecutionContext, + MTurkHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMTurkHttpAuthSchemeParametersProvider = async ( + config: MTurkClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MTurkHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mturk-requester", + region: authParameters.region, + }, + propertiesExtractor: (config: MTurkClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MTurkHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMTurkHttpAuthSchemeProvider: MTurkHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MTurkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MTurkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mturk/src/extensionConfiguration.ts b/clients/client-mturk/src/extensionConfiguration.ts index 63abdca488d5f..3c9e75408199f 100644 --- a/clients/client-mturk/src/extensionConfiguration.ts +++ b/clients/client-mturk/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MTurkExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mturk/src/runtimeConfig.shared.ts b/clients/client-mturk/src/runtimeConfig.shared.ts index df3b63011ecbe..86924e30b5c16 100644 --- a/clients/client-mturk/src/runtimeConfig.shared.ts +++ b/clients/client-mturk/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMTurkHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MTurkClientConfig } from "./MTurkClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MTurkClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMTurkHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MTurk", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mturk/src/runtimeExtensions.ts b/clients/client-mturk/src/runtimeExtensions.ts index be97c8dd2ddba..284b5f7c1f0f9 100644 --- a/clients/client-mturk/src/runtimeExtensions.ts +++ b/clients/client-mturk/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MTurkExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-mwaa/package.json b/clients/client-mwaa/package.json index 46e713cfa6f77..1ae6c8526c741 100644 --- a/clients/client-mwaa/package.json +++ b/clients/client-mwaa/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-mwaa/src/MWAAClient.ts b/clients/client-mwaa/src/MWAAClient.ts index 0cf1bc211bb7a..0ce36151b2952 100644 --- a/clients/client-mwaa/src/MWAAClient.ts +++ b/clients/client-mwaa/src/MWAAClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultMWAAHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCliTokenCommandInput, CreateCliTokenCommandOutput } from "./commands/CreateCliTokenCommand"; import { CreateEnvironmentCommandInput, CreateEnvironmentCommandOutput } from "./commands/CreateEnvironmentCommand"; import { @@ -195,21 +200,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -248,8 +254,8 @@ export type MWAAClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -268,8 +274,8 @@ export type MWAAClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -372,8 +378,8 @@ export class MWAAClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -382,8 +388,14 @@ export class MWAAClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -394,4 +406,13 @@ export class MWAAClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultMWAAHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: MWAAClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-mwaa/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-mwaa/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..833c61afa1dc9 --- /dev/null +++ b/clients/client-mwaa/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { MWAAHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MWAAHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): MWAAHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: MWAAHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: MWAAHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): MWAAHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-mwaa/src/auth/httpAuthSchemeProvider.ts b/clients/client-mwaa/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b304c49f0f07c --- /dev/null +++ b/clients/client-mwaa/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { MWAAClientConfig, MWAAClientResolvedConfig } from "../MWAAClient"; + +/** + * @internal + */ +export interface MWAAHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface MWAAHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + MWAAClientResolvedConfig, + HandlerExecutionContext, + MWAAHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultMWAAHttpAuthSchemeParametersProvider = async ( + config: MWAAClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: MWAAHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "airflow", + region: authParameters.region, + }, + propertiesExtractor: (config: MWAAClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface MWAAHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultMWAAHttpAuthSchemeProvider: MWAAHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: MWAAHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: MWAAHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-mwaa/src/extensionConfiguration.ts b/clients/client-mwaa/src/extensionConfiguration.ts index ad5cda5772ef2..e932467dcc59a 100644 --- a/clients/client-mwaa/src/extensionConfiguration.ts +++ b/clients/client-mwaa/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface MWAAExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-mwaa/src/runtimeConfig.shared.ts b/clients/client-mwaa/src/runtimeConfig.shared.ts index 8b15b54117c50..4731be47a1b6c 100644 --- a/clients/client-mwaa/src/runtimeConfig.shared.ts +++ b/clients/client-mwaa/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultMWAAHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { MWAAClientConfig } from "./MWAAClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: MWAAClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultMWAAHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "MWAA", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-mwaa/src/runtimeExtensions.ts b/clients/client-mwaa/src/runtimeExtensions.ts index a31d94939ed5f..a2a7bdf989c3d 100644 --- a/clients/client-mwaa/src/runtimeExtensions.ts +++ b/clients/client-mwaa/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { MWAAExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-neptune-graph/package.json b/clients/client-neptune-graph/package.json index c24a0d918c520..650d0f026e7e3 100644 --- a/clients/client-neptune-graph/package.json +++ b/clients/client-neptune-graph/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-neptune-graph/src/NeptuneGraphClient.ts b/clients/client-neptune-graph/src/NeptuneGraphClient.ts index 70f663be5550b..43112355805c4 100644 --- a/clients/client-neptune-graph/src/NeptuneGraphClient.ts +++ b/clients/client-neptune-graph/src/NeptuneGraphClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNeptuneGraphHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelImportTaskCommandInput, CancelImportTaskCommandOutput } from "./commands/CancelImportTaskCommand"; import { CancelQueryCommandInput, CancelQueryCommandOutput } from "./commands/CancelQueryCommand"; import { CreateGraphCommandInput, CreateGraphCommandOutput } from "./commands/CreateGraphCommand"; @@ -265,21 +270,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -324,8 +330,8 @@ export type NeptuneGraphClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -344,8 +350,8 @@ export type NeptuneGraphClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -378,8 +384,8 @@ export class NeptuneGraphClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -388,8 +394,14 @@ export class NeptuneGraphClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -400,4 +412,13 @@ export class NeptuneGraphClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNeptuneGraphHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NeptuneGraphClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-neptune-graph/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-neptune-graph/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b3b3d0eed45d3 --- /dev/null +++ b/clients/client-neptune-graph/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NeptuneGraphHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptuneGraphHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NeptuneGraphHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NeptuneGraphHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptuneGraphHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NeptuneGraphHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-neptune-graph/src/auth/httpAuthSchemeProvider.ts b/clients/client-neptune-graph/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..92bcafc1200f5 --- /dev/null +++ b/clients/client-neptune-graph/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NeptuneGraphClientConfig, NeptuneGraphClientResolvedConfig } from "../NeptuneGraphClient"; + +/** + * @internal + */ +export interface NeptuneGraphHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NeptuneGraphHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NeptuneGraphClientResolvedConfig, + HandlerExecutionContext, + NeptuneGraphHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNeptuneGraphHttpAuthSchemeParametersProvider = async ( + config: NeptuneGraphClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NeptuneGraphHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "neptune-graph", + region: authParameters.region, + }, + propertiesExtractor: (config: NeptuneGraphClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NeptuneGraphHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNeptuneGraphHttpAuthSchemeProvider: NeptuneGraphHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NeptuneGraphHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NeptuneGraphHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-neptune-graph/src/extensionConfiguration.ts b/clients/client-neptune-graph/src/extensionConfiguration.ts index aa3774080dcbf..6bdbcd7dcd5c0 100644 --- a/clients/client-neptune-graph/src/extensionConfiguration.ts +++ b/clients/client-neptune-graph/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NeptuneGraphExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-neptune-graph/src/runtimeConfig.shared.ts b/clients/client-neptune-graph/src/runtimeConfig.shared.ts index 9ebf80f631736..307adf4ee145e 100644 --- a/clients/client-neptune-graph/src/runtimeConfig.shared.ts +++ b/clients/client-neptune-graph/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNeptuneGraphHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NeptuneGraphClientConfig } from "./NeptuneGraphClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: NeptuneGraphClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNeptuneGraphHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Neptune Graph", diff --git a/clients/client-neptune-graph/src/runtimeExtensions.ts b/clients/client-neptune-graph/src/runtimeExtensions.ts index 9bb2300e3afd5..c079927265fb2 100644 --- a/clients/client-neptune-graph/src/runtimeExtensions.ts +++ b/clients/client-neptune-graph/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NeptuneGraphExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-neptune/package.json b/clients/client-neptune/package.json index 8efe9f7ce9f65..d6b57256a3666 100644 --- a/clients/client-neptune/package.json +++ b/clients/client-neptune/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", "@aws-sdk/middleware-sdk-rds": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-neptune/src/NeptuneClient.ts b/clients/client-neptune/src/NeptuneClient.ts index 11fff521ae445..e60a28a458b49 100644 --- a/clients/client-neptune/src/NeptuneClient.ts +++ b/clients/client-neptune/src/NeptuneClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNeptuneHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddRoleToDBClusterCommandInput, AddRoleToDBClusterCommandOutput } from "./commands/AddRoleToDBClusterCommand"; import { AddSourceIdentifierToSubscriptionCommandInput, @@ -528,21 +533,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -581,8 +587,8 @@ export type NeptuneClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -601,8 +607,8 @@ export type NeptuneClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -649,8 +655,8 @@ export class NeptuneClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -659,8 +665,14 @@ export class NeptuneClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -671,4 +683,13 @@ export class NeptuneClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNeptuneHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NeptuneClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-neptune/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-neptune/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..56660bdb29b66 --- /dev/null +++ b/clients/client-neptune/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NeptuneHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptuneHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NeptuneHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NeptuneHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptuneHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NeptuneHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-neptune/src/auth/httpAuthSchemeProvider.ts b/clients/client-neptune/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5ed236db7ce2f --- /dev/null +++ b/clients/client-neptune/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NeptuneClientConfig, NeptuneClientResolvedConfig } from "../NeptuneClient"; + +/** + * @internal + */ +export interface NeptuneHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NeptuneHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NeptuneClientResolvedConfig, + HandlerExecutionContext, + NeptuneHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNeptuneHttpAuthSchemeParametersProvider = async ( + config: NeptuneClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NeptuneHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rds", + region: authParameters.region, + }, + propertiesExtractor: (config: NeptuneClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NeptuneHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNeptuneHttpAuthSchemeProvider: NeptuneHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NeptuneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NeptuneHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-neptune/src/extensionConfiguration.ts b/clients/client-neptune/src/extensionConfiguration.ts index fb1d792050cb2..ff9138c99c0fb 100644 --- a/clients/client-neptune/src/extensionConfiguration.ts +++ b/clients/client-neptune/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NeptuneExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-neptune/src/runtimeConfig.shared.ts b/clients/client-neptune/src/runtimeConfig.shared.ts index f9862c6298ae5..3c915c1116daf 100644 --- a/clients/client-neptune/src/runtimeConfig.shared.ts +++ b/clients/client-neptune/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNeptuneHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NeptuneClientConfig } from "./NeptuneClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NeptuneClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNeptuneHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Neptune", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-neptune/src/runtimeExtensions.ts b/clients/client-neptune/src/runtimeExtensions.ts index 0278a4fb606b8..881c88c9dcdc8 100644 --- a/clients/client-neptune/src/runtimeExtensions.ts +++ b/clients/client-neptune/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NeptuneExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-neptunedata/package.json b/clients/client-neptunedata/package.json index 018a9950c0932..e7c99483ae085 100644 --- a/clients/client-neptunedata/package.json +++ b/clients/client-neptunedata/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-neptunedata/src/NeptunedataClient.ts b/clients/client-neptunedata/src/NeptunedataClient.ts index 88108f3e0afe4..86383433a75ec 100644 --- a/clients/client-neptunedata/src/NeptunedataClient.ts +++ b/clients/client-neptunedata/src/NeptunedataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNeptunedataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelGremlinQueryCommandInput, CancelGremlinQueryCommandOutput } from "./commands/CancelGremlinQueryCommand"; import { CancelLoaderJobCommandInput, CancelLoaderJobCommandOutput } from "./commands/CancelLoaderJobCommand"; import { @@ -372,21 +377,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -425,8 +431,8 @@ export type NeptunedataClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -445,8 +451,8 @@ export type NeptunedataClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -482,8 +488,8 @@ export class NeptunedataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -492,8 +498,14 @@ export class NeptunedataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -504,4 +516,13 @@ export class NeptunedataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNeptunedataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NeptunedataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-neptunedata/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-neptunedata/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..26577250a11c8 --- /dev/null +++ b/clients/client-neptunedata/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NeptunedataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptunedataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NeptunedataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NeptunedataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NeptunedataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NeptunedataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-neptunedata/src/auth/httpAuthSchemeProvider.ts b/clients/client-neptunedata/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2c2b14b43ac9d --- /dev/null +++ b/clients/client-neptunedata/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NeptunedataClientConfig, NeptunedataClientResolvedConfig } from "../NeptunedataClient"; + +/** + * @internal + */ +export interface NeptunedataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NeptunedataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NeptunedataClientResolvedConfig, + HandlerExecutionContext, + NeptunedataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNeptunedataHttpAuthSchemeParametersProvider = async ( + config: NeptunedataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NeptunedataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "neptune-db", + region: authParameters.region, + }, + propertiesExtractor: (config: NeptunedataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NeptunedataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNeptunedataHttpAuthSchemeProvider: NeptunedataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NeptunedataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NeptunedataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-neptunedata/src/extensionConfiguration.ts b/clients/client-neptunedata/src/extensionConfiguration.ts index 728b39cf88a62..d1fc949d42e78 100644 --- a/clients/client-neptunedata/src/extensionConfiguration.ts +++ b/clients/client-neptunedata/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NeptunedataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-neptunedata/src/runtimeConfig.shared.ts b/clients/client-neptunedata/src/runtimeConfig.shared.ts index 5ba5959b01b4c..ac7330b18670a 100644 --- a/clients/client-neptunedata/src/runtimeConfig.shared.ts +++ b/clients/client-neptunedata/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNeptunedataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NeptunedataClientConfig } from "./NeptunedataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NeptunedataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNeptunedataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "neptunedata", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-neptunedata/src/runtimeExtensions.ts b/clients/client-neptunedata/src/runtimeExtensions.ts index a545a5f7dd290..a2ed16f4a50e9 100644 --- a/clients/client-neptunedata/src/runtimeExtensions.ts +++ b/clients/client-neptunedata/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NeptunedataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-network-firewall/package.json b/clients/client-network-firewall/package.json index 5eaa68b70e5de..ddeeaf79c7c6e 100644 --- a/clients/client-network-firewall/package.json +++ b/clients/client-network-firewall/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-network-firewall/src/NetworkFirewallClient.ts b/clients/client-network-firewall/src/NetworkFirewallClient.ts index 23d6e364f5c50..33ccba6efa3ba 100644 --- a/clients/client-network-firewall/src/NetworkFirewallClient.ts +++ b/clients/client-network-firewall/src/NetworkFirewallClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNetworkFirewallHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateFirewallPolicyCommandInput, AssociateFirewallPolicyCommandOutput, @@ -333,21 +338,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -386,8 +392,8 @@ export type NetworkFirewallClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -406,8 +412,8 @@ export type NetworkFirewallClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -515,8 +521,8 @@ export class NetworkFirewallClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -525,8 +531,14 @@ export class NetworkFirewallClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -537,4 +549,13 @@ export class NetworkFirewallClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNetworkFirewallHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NetworkFirewallClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-network-firewall/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-network-firewall/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a08a743761dc5 --- /dev/null +++ b/clients/client-network-firewall/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NetworkFirewallHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkFirewallHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NetworkFirewallHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NetworkFirewallHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkFirewallHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NetworkFirewallHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-network-firewall/src/auth/httpAuthSchemeProvider.ts b/clients/client-network-firewall/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f8636618e88d8 --- /dev/null +++ b/clients/client-network-firewall/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NetworkFirewallClientConfig, NetworkFirewallClientResolvedConfig } from "../NetworkFirewallClient"; + +/** + * @internal + */ +export interface NetworkFirewallHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NetworkFirewallHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NetworkFirewallClientResolvedConfig, + HandlerExecutionContext, + NetworkFirewallHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNetworkFirewallHttpAuthSchemeParametersProvider = async ( + config: NetworkFirewallClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NetworkFirewallHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "network-firewall", + region: authParameters.region, + }, + propertiesExtractor: (config: NetworkFirewallClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NetworkFirewallHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNetworkFirewallHttpAuthSchemeProvider: NetworkFirewallHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NetworkFirewallHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NetworkFirewallHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-network-firewall/src/extensionConfiguration.ts b/clients/client-network-firewall/src/extensionConfiguration.ts index 1087568d5c479..51594637c6e3f 100644 --- a/clients/client-network-firewall/src/extensionConfiguration.ts +++ b/clients/client-network-firewall/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NetworkFirewallExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-network-firewall/src/runtimeConfig.shared.ts b/clients/client-network-firewall/src/runtimeConfig.shared.ts index d58016510efb5..84955a3af60e3 100644 --- a/clients/client-network-firewall/src/runtimeConfig.shared.ts +++ b/clients/client-network-firewall/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNetworkFirewallHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NetworkFirewallClientConfig } from "./NetworkFirewallClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NetworkFirewallClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNetworkFirewallHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Network Firewall", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-network-firewall/src/runtimeExtensions.ts b/clients/client-network-firewall/src/runtimeExtensions.ts index e612f32c1ba85..105fa61824044 100644 --- a/clients/client-network-firewall/src/runtimeExtensions.ts +++ b/clients/client-network-firewall/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NetworkFirewallExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-networkmanager/package.json b/clients/client-networkmanager/package.json index e441e5ec7c2f8..6cba68b0c44fd 100644 --- a/clients/client-networkmanager/package.json +++ b/clients/client-networkmanager/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-networkmanager/src/NetworkManagerClient.ts b/clients/client-networkmanager/src/NetworkManagerClient.ts index b9210c736ff9d..acc548ab0d97d 100644 --- a/clients/client-networkmanager/src/NetworkManagerClient.ts +++ b/clients/client-networkmanager/src/NetworkManagerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNetworkManagerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptAttachmentCommandInput, AcceptAttachmentCommandOutput } from "./commands/AcceptAttachmentCommand"; import { AssociateConnectPeerCommandInput, @@ -543,21 +548,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -596,8 +602,8 @@ export type NetworkManagerClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -616,8 +622,8 @@ export type NetworkManagerClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -648,8 +654,8 @@ export class NetworkManagerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -658,8 +664,14 @@ export class NetworkManagerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -670,4 +682,13 @@ export class NetworkManagerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNetworkManagerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NetworkManagerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-networkmanager/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-networkmanager/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..97520f1fbd946 --- /dev/null +++ b/clients/client-networkmanager/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NetworkManagerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkManagerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NetworkManagerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NetworkManagerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkManagerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NetworkManagerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-networkmanager/src/auth/httpAuthSchemeProvider.ts b/clients/client-networkmanager/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1a9a935e6e926 --- /dev/null +++ b/clients/client-networkmanager/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NetworkManagerClientConfig, NetworkManagerClientResolvedConfig } from "../NetworkManagerClient"; + +/** + * @internal + */ +export interface NetworkManagerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NetworkManagerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NetworkManagerClientResolvedConfig, + HandlerExecutionContext, + NetworkManagerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNetworkManagerHttpAuthSchemeParametersProvider = async ( + config: NetworkManagerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NetworkManagerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "networkmanager", + region: authParameters.region, + }, + propertiesExtractor: (config: NetworkManagerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NetworkManagerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNetworkManagerHttpAuthSchemeProvider: NetworkManagerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NetworkManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NetworkManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-networkmanager/src/extensionConfiguration.ts b/clients/client-networkmanager/src/extensionConfiguration.ts index bfeea053ae81c..5533b93e108c0 100644 --- a/clients/client-networkmanager/src/extensionConfiguration.ts +++ b/clients/client-networkmanager/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NetworkManagerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-networkmanager/src/runtimeConfig.shared.ts b/clients/client-networkmanager/src/runtimeConfig.shared.ts index 6998c54122693..18d36be1f95e1 100644 --- a/clients/client-networkmanager/src/runtimeConfig.shared.ts +++ b/clients/client-networkmanager/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNetworkManagerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NetworkManagerClientConfig } from "./NetworkManagerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NetworkManagerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNetworkManagerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "NetworkManager", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-networkmanager/src/runtimeExtensions.ts b/clients/client-networkmanager/src/runtimeExtensions.ts index 72925fcb16e0a..daeaea190ec06 100644 --- a/clients/client-networkmanager/src/runtimeExtensions.ts +++ b/clients/client-networkmanager/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NetworkManagerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-networkmonitor/package.json b/clients/client-networkmonitor/package.json index 5c17bb191b3ec..f18596c216f95 100644 --- a/clients/client-networkmonitor/package.json +++ b/clients/client-networkmonitor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-networkmonitor/src/NetworkMonitorClient.ts b/clients/client-networkmonitor/src/NetworkMonitorClient.ts index 753a17f144f0e..a323f9ee6cdba 100644 --- a/clients/client-networkmonitor/src/NetworkMonitorClient.ts +++ b/clients/client-networkmonitor/src/NetworkMonitorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNetworkMonitorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateMonitorCommandInput, CreateMonitorCommandOutput } from "./commands/CreateMonitorCommand"; import { CreateProbeCommandInput, CreateProbeCommandOutput } from "./commands/CreateProbeCommand"; import { DeleteMonitorCommandInput, DeleteMonitorCommandOutput } from "./commands/DeleteMonitorCommand"; @@ -195,21 +200,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -248,8 +254,8 @@ export type NetworkMonitorClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -268,8 +274,8 @@ export type NetworkMonitorClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -308,8 +314,8 @@ export class NetworkMonitorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -318,8 +324,14 @@ export class NetworkMonitorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -330,4 +342,13 @@ export class NetworkMonitorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNetworkMonitorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NetworkMonitorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-networkmonitor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-networkmonitor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0493a200ffa7b --- /dev/null +++ b/clients/client-networkmonitor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NetworkMonitorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkMonitorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NetworkMonitorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NetworkMonitorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NetworkMonitorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NetworkMonitorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-networkmonitor/src/auth/httpAuthSchemeProvider.ts b/clients/client-networkmonitor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..86f64b6a51cd3 --- /dev/null +++ b/clients/client-networkmonitor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NetworkMonitorClientConfig, NetworkMonitorClientResolvedConfig } from "../NetworkMonitorClient"; + +/** + * @internal + */ +export interface NetworkMonitorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NetworkMonitorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NetworkMonitorClientResolvedConfig, + HandlerExecutionContext, + NetworkMonitorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNetworkMonitorHttpAuthSchemeParametersProvider = async ( + config: NetworkMonitorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NetworkMonitorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "networkmonitor", + region: authParameters.region, + }, + propertiesExtractor: (config: NetworkMonitorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NetworkMonitorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNetworkMonitorHttpAuthSchemeProvider: NetworkMonitorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NetworkMonitorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NetworkMonitorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-networkmonitor/src/extensionConfiguration.ts b/clients/client-networkmonitor/src/extensionConfiguration.ts index 41660daa3e315..5eb020551b10c 100644 --- a/clients/client-networkmonitor/src/extensionConfiguration.ts +++ b/clients/client-networkmonitor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NetworkMonitorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-networkmonitor/src/runtimeConfig.shared.ts b/clients/client-networkmonitor/src/runtimeConfig.shared.ts index 6c0c95fe98e9a..c9918610f9b4a 100644 --- a/clients/client-networkmonitor/src/runtimeConfig.shared.ts +++ b/clients/client-networkmonitor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNetworkMonitorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NetworkMonitorClientConfig } from "./NetworkMonitorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NetworkMonitorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNetworkMonitorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "NetworkMonitor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-networkmonitor/src/runtimeExtensions.ts b/clients/client-networkmonitor/src/runtimeExtensions.ts index 3e68812461610..33e53ea8be95d 100644 --- a/clients/client-networkmonitor/src/runtimeExtensions.ts +++ b/clients/client-networkmonitor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NetworkMonitorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-nimble/package.json b/clients/client-nimble/package.json index 4748a96617506..7c4eb4b5cacd9 100644 --- a/clients/client-nimble/package.json +++ b/clients/client-nimble/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-nimble/src/NimbleClient.ts b/clients/client-nimble/src/NimbleClient.ts index d3e47a9d3320f..a07d98f5dbef4 100644 --- a/clients/client-nimble/src/NimbleClient.ts +++ b/clients/client-nimble/src/NimbleClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultNimbleHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptEulasCommandInput, AcceptEulasCommandOutput } from "./commands/AcceptEulasCommand"; import { CreateLaunchProfileCommandInput, @@ -396,21 +401,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -449,8 +455,8 @@ export type NimbleClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -469,8 +475,8 @@ export type NimbleClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -506,8 +512,8 @@ export class NimbleClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -516,8 +522,14 @@ export class NimbleClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -528,4 +540,13 @@ export class NimbleClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultNimbleHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: NimbleClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-nimble/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-nimble/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..54c9c4d02f240 --- /dev/null +++ b/clients/client-nimble/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { NimbleHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NimbleHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): NimbleHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: NimbleHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: NimbleHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): NimbleHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-nimble/src/auth/httpAuthSchemeProvider.ts b/clients/client-nimble/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6c167151d01cb --- /dev/null +++ b/clients/client-nimble/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { NimbleClientConfig, NimbleClientResolvedConfig } from "../NimbleClient"; + +/** + * @internal + */ +export interface NimbleHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface NimbleHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + NimbleClientResolvedConfig, + HandlerExecutionContext, + NimbleHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultNimbleHttpAuthSchemeParametersProvider = async ( + config: NimbleClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: NimbleHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "nimble", + region: authParameters.region, + }, + propertiesExtractor: (config: NimbleClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface NimbleHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultNimbleHttpAuthSchemeProvider: NimbleHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: NimbleHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: NimbleHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-nimble/src/extensionConfiguration.ts b/clients/client-nimble/src/extensionConfiguration.ts index c19b475b3eb68..994e354b5e722 100644 --- a/clients/client-nimble/src/extensionConfiguration.ts +++ b/clients/client-nimble/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface NimbleExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-nimble/src/runtimeConfig.shared.ts b/clients/client-nimble/src/runtimeConfig.shared.ts index 1ce98e0d8d8a4..ce30cf1b0a3aa 100644 --- a/clients/client-nimble/src/runtimeConfig.shared.ts +++ b/clients/client-nimble/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultNimbleHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { NimbleClientConfig } from "./NimbleClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: NimbleClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultNimbleHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "nimble", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-nimble/src/runtimeExtensions.ts b/clients/client-nimble/src/runtimeExtensions.ts index 5a759067613ce..15579c4013ffe 100644 --- a/clients/client-nimble/src/runtimeExtensions.ts +++ b/clients/client-nimble/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { NimbleExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-oam/package.json b/clients/client-oam/package.json index ad15c72adc9e6..4875bc490fed3 100644 --- a/clients/client-oam/package.json +++ b/clients/client-oam/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-oam/src/OAMClient.ts b/clients/client-oam/src/OAMClient.ts index 38865ac90a68f..b38759d377cd6 100644 --- a/clients/client-oam/src/OAMClient.ts +++ b/clients/client-oam/src/OAMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOAMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateLinkCommandInput, CreateLinkCommandOutput } from "./commands/CreateLinkCommand"; import { CreateSinkCommandInput, CreateSinkCommandOutput } from "./commands/CreateSinkCommand"; import { DeleteLinkCommandInput, DeleteLinkCommandOutput } from "./commands/DeleteLinkCommand"; @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type OAMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type OAMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -319,8 +325,8 @@ export class OAMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -329,8 +335,14 @@ export class OAMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -341,4 +353,13 @@ export class OAMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOAMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OAMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-oam/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-oam/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fc4d0f3f82fbd --- /dev/null +++ b/clients/client-oam/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OAMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OAMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OAMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OAMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OAMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OAMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-oam/src/auth/httpAuthSchemeProvider.ts b/clients/client-oam/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0446f04aae42b --- /dev/null +++ b/clients/client-oam/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OAMClientConfig, OAMClientResolvedConfig } from "../OAMClient"; + +/** + * @internal + */ +export interface OAMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OAMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OAMClientResolvedConfig, + HandlerExecutionContext, + OAMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOAMHttpAuthSchemeParametersProvider = async ( + config: OAMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OAMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "oam", + region: authParameters.region, + }, + propertiesExtractor: (config: OAMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OAMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOAMHttpAuthSchemeProvider: OAMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-oam/src/extensionConfiguration.ts b/clients/client-oam/src/extensionConfiguration.ts index a50ba55b92bb0..a49f29b809b2b 100644 --- a/clients/client-oam/src/extensionConfiguration.ts +++ b/clients/client-oam/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OAMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-oam/src/runtimeConfig.shared.ts b/clients/client-oam/src/runtimeConfig.shared.ts index 060e9dfdc27f0..e56bca689ba72 100644 --- a/clients/client-oam/src/runtimeConfig.shared.ts +++ b/clients/client-oam/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOAMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OAMClientConfig } from "./OAMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OAMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOAMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OAM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-oam/src/runtimeExtensions.ts b/clients/client-oam/src/runtimeExtensions.ts index 387348ea63a8d..0db66489777c1 100644 --- a/clients/client-oam/src/runtimeExtensions.ts +++ b/clients/client-oam/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OAMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-omics/package.json b/clients/client-omics/package.json index 21b11119cd07e..37330a1fca6de 100644 --- a/clients/client-omics/package.json +++ b/clients/client-omics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-omics/src/OmicsClient.ts b/clients/client-omics/src/OmicsClient.ts index a44f482e1bb24..5e30c6733ff00 100644 --- a/clients/client-omics/src/OmicsClient.ts +++ b/clients/client-omics/src/OmicsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOmicsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AbortMultipartReadSetUploadCommandInput, AbortMultipartReadSetUploadCommandOutput, @@ -526,21 +531,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -585,8 +591,8 @@ export type OmicsClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -605,8 +611,8 @@ export type OmicsClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -638,8 +644,8 @@ export class OmicsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -648,8 +654,14 @@ export class OmicsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -660,4 +672,13 @@ export class OmicsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOmicsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OmicsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-omics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-omics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..66ee471f09409 --- /dev/null +++ b/clients/client-omics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OmicsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OmicsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OmicsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OmicsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OmicsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OmicsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-omics/src/auth/httpAuthSchemeProvider.ts b/clients/client-omics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ed59a49e309e1 --- /dev/null +++ b/clients/client-omics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OmicsClientConfig, OmicsClientResolvedConfig } from "../OmicsClient"; + +/** + * @internal + */ +export interface OmicsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OmicsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OmicsClientResolvedConfig, + HandlerExecutionContext, + OmicsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOmicsHttpAuthSchemeParametersProvider = async ( + config: OmicsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OmicsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "omics", + region: authParameters.region, + }, + propertiesExtractor: (config: OmicsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OmicsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOmicsHttpAuthSchemeProvider: OmicsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OmicsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OmicsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-omics/src/extensionConfiguration.ts b/clients/client-omics/src/extensionConfiguration.ts index 3ae365f7c6f48..28689daeb7242 100644 --- a/clients/client-omics/src/extensionConfiguration.ts +++ b/clients/client-omics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OmicsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-omics/src/runtimeConfig.shared.ts b/clients/client-omics/src/runtimeConfig.shared.ts index c6123804f527b..5204bda877a51 100644 --- a/clients/client-omics/src/runtimeConfig.shared.ts +++ b/clients/client-omics/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOmicsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OmicsClientConfig } from "./OmicsClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: OmicsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOmicsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "Omics", diff --git a/clients/client-omics/src/runtimeExtensions.ts b/clients/client-omics/src/runtimeExtensions.ts index dec03a484386e..d89a0a1830359 100644 --- a/clients/client-omics/src/runtimeExtensions.ts +++ b/clients/client-omics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OmicsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-opensearch/package.json b/clients/client-opensearch/package.json index 34fee8f545b6e..4492c7e8f2ba5 100644 --- a/clients/client-opensearch/package.json +++ b/clients/client-opensearch/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-opensearch/src/OpenSearchClient.ts b/clients/client-opensearch/src/OpenSearchClient.ts index 5a354206a3149..1c20416d3461b 100644 --- a/clients/client-opensearch/src/OpenSearchClient.ts +++ b/clients/client-opensearch/src/OpenSearchClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOpenSearchHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptInboundConnectionCommandInput, AcceptInboundConnectionCommandOutput, @@ -450,21 +455,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -503,8 +509,8 @@ export type OpenSearchClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -523,8 +529,8 @@ export type OpenSearchClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -564,8 +570,8 @@ export class OpenSearchClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -574,8 +580,14 @@ export class OpenSearchClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -586,4 +598,13 @@ export class OpenSearchClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOpenSearchHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OpenSearchClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-opensearch/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-opensearch/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c98fe3ba1c1c0 --- /dev/null +++ b/clients/client-opensearch/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OpenSearchHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpenSearchHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OpenSearchHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OpenSearchHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpenSearchHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OpenSearchHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-opensearch/src/auth/httpAuthSchemeProvider.ts b/clients/client-opensearch/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7a08dba327c7d --- /dev/null +++ b/clients/client-opensearch/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OpenSearchClientConfig, OpenSearchClientResolvedConfig } from "../OpenSearchClient"; + +/** + * @internal + */ +export interface OpenSearchHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OpenSearchHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OpenSearchClientResolvedConfig, + HandlerExecutionContext, + OpenSearchHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOpenSearchHttpAuthSchemeParametersProvider = async ( + config: OpenSearchClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OpenSearchHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "es", + region: authParameters.region, + }, + propertiesExtractor: (config: OpenSearchClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OpenSearchHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOpenSearchHttpAuthSchemeProvider: OpenSearchHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OpenSearchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OpenSearchHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-opensearch/src/extensionConfiguration.ts b/clients/client-opensearch/src/extensionConfiguration.ts index daf4f18ce81dd..21d3fe34b9ce9 100644 --- a/clients/client-opensearch/src/extensionConfiguration.ts +++ b/clients/client-opensearch/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OpenSearchExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-opensearch/src/runtimeConfig.shared.ts b/clients/client-opensearch/src/runtimeConfig.shared.ts index 064e695cb00c3..00f3ef018cc07 100644 --- a/clients/client-opensearch/src/runtimeConfig.shared.ts +++ b/clients/client-opensearch/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOpenSearchHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OpenSearchClientConfig } from "./OpenSearchClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OpenSearchClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOpenSearchHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OpenSearch", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-opensearch/src/runtimeExtensions.ts b/clients/client-opensearch/src/runtimeExtensions.ts index a09ee32fe823e..410acd5de80af 100644 --- a/clients/client-opensearch/src/runtimeExtensions.ts +++ b/clients/client-opensearch/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OpenSearchExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-opensearchserverless/package.json b/clients/client-opensearchserverless/package.json index 2a66ccec8042c..1a54ab6644c66 100644 --- a/clients/client-opensearchserverless/package.json +++ b/clients/client-opensearchserverless/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-opensearchserverless/src/OpenSearchServerlessClient.ts b/clients/client-opensearchserverless/src/OpenSearchServerlessClient.ts index 760384b339e4f..f957738dd9fd3 100644 --- a/clients/client-opensearchserverless/src/OpenSearchServerlessClient.ts +++ b/clients/client-opensearchserverless/src/OpenSearchServerlessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOpenSearchServerlessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetCollectionCommandInput, BatchGetCollectionCommandOutput } from "./commands/BatchGetCollectionCommand"; import { BatchGetEffectiveLifecyclePolicyCommandInput, @@ -318,21 +323,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -371,8 +377,8 @@ export type OpenSearchServerlessClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -391,8 +397,8 @@ export type OpenSearchServerlessClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -432,8 +438,8 @@ export class OpenSearchServerlessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -442,8 +448,14 @@ export class OpenSearchServerlessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -454,4 +466,13 @@ export class OpenSearchServerlessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOpenSearchServerlessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OpenSearchServerlessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-opensearchserverless/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-opensearchserverless/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..bf2581a35382d --- /dev/null +++ b/clients/client-opensearchserverless/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OpenSearchServerlessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpenSearchServerlessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OpenSearchServerlessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OpenSearchServerlessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpenSearchServerlessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OpenSearchServerlessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-opensearchserverless/src/auth/httpAuthSchemeProvider.ts b/clients/client-opensearchserverless/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5adca0417cf3c --- /dev/null +++ b/clients/client-opensearchserverless/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + OpenSearchServerlessClientConfig, + OpenSearchServerlessClientResolvedConfig, +} from "../OpenSearchServerlessClient"; + +/** + * @internal + */ +export interface OpenSearchServerlessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OpenSearchServerlessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OpenSearchServerlessClientResolvedConfig, + HandlerExecutionContext, + OpenSearchServerlessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOpenSearchServerlessHttpAuthSchemeParametersProvider = async ( + config: OpenSearchServerlessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: OpenSearchServerlessHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "aoss", + region: authParameters.region, + }, + propertiesExtractor: (config: OpenSearchServerlessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OpenSearchServerlessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOpenSearchServerlessHttpAuthSchemeProvider: OpenSearchServerlessHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OpenSearchServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OpenSearchServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-opensearchserverless/src/extensionConfiguration.ts b/clients/client-opensearchserverless/src/extensionConfiguration.ts index d47f077d34a2d..25eed5ae768fc 100644 --- a/clients/client-opensearchserverless/src/extensionConfiguration.ts +++ b/clients/client-opensearchserverless/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OpenSearchServerlessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-opensearchserverless/src/runtimeConfig.shared.ts b/clients/client-opensearchserverless/src/runtimeConfig.shared.ts index cf22bd5a101d0..5d9645bbe1406 100644 --- a/clients/client-opensearchserverless/src/runtimeConfig.shared.ts +++ b/clients/client-opensearchserverless/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOpenSearchServerlessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OpenSearchServerlessClientConfig } from "./OpenSearchServerlessClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OpenSearchServerlessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOpenSearchServerlessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OpenSearchServerless", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-opensearchserverless/src/runtimeExtensions.ts b/clients/client-opensearchserverless/src/runtimeExtensions.ts index 38c333c6bbd17..a88f4df6e5558 100644 --- a/clients/client-opensearchserverless/src/runtimeExtensions.ts +++ b/clients/client-opensearchserverless/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OpenSearchServerlessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-opsworks/package.json b/clients/client-opsworks/package.json index c505f03800d8c..9fcd0d38416f5 100644 --- a/clients/client-opsworks/package.json +++ b/clients/client-opsworks/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-opsworks/src/OpsWorksClient.ts b/clients/client-opsworks/src/OpsWorksClient.ts index 74154e349464a..79cba58b1c11d 100644 --- a/clients/client-opsworks/src/OpsWorksClient.ts +++ b/clients/client-opsworks/src/OpsWorksClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOpsWorksHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssignInstanceCommandInput, AssignInstanceCommandOutput } from "./commands/AssignInstanceCommand"; import { AssignVolumeCommandInput, AssignVolumeCommandOutput } from "./commands/AssignVolumeCommand"; import { AssociateElasticIpCommandInput, AssociateElasticIpCommandOutput } from "./commands/AssociateElasticIpCommand"; @@ -456,21 +461,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -509,8 +515,8 @@ export type OpsWorksClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -529,8 +535,8 @@ export type OpsWorksClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -675,8 +681,8 @@ export class OpsWorksClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -685,8 +691,14 @@ export class OpsWorksClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -697,4 +709,13 @@ export class OpsWorksClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOpsWorksHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OpsWorksClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-opsworks/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-opsworks/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fe65f1d4a3b3b --- /dev/null +++ b/clients/client-opsworks/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OpsWorksHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpsWorksHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OpsWorksHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OpsWorksHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpsWorksHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OpsWorksHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-opsworks/src/auth/httpAuthSchemeProvider.ts b/clients/client-opsworks/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ef207cc3357db --- /dev/null +++ b/clients/client-opsworks/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OpsWorksClientConfig, OpsWorksClientResolvedConfig } from "../OpsWorksClient"; + +/** + * @internal + */ +export interface OpsWorksHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OpsWorksHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OpsWorksClientResolvedConfig, + HandlerExecutionContext, + OpsWorksHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOpsWorksHttpAuthSchemeParametersProvider = async ( + config: OpsWorksClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OpsWorksHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "opsworks", + region: authParameters.region, + }, + propertiesExtractor: (config: OpsWorksClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OpsWorksHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOpsWorksHttpAuthSchemeProvider: OpsWorksHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OpsWorksHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OpsWorksHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-opsworks/src/extensionConfiguration.ts b/clients/client-opsworks/src/extensionConfiguration.ts index f77d384b602bb..1fe5dfd931615 100644 --- a/clients/client-opsworks/src/extensionConfiguration.ts +++ b/clients/client-opsworks/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OpsWorksExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-opsworks/src/runtimeConfig.shared.ts b/clients/client-opsworks/src/runtimeConfig.shared.ts index c19873e8d77e9..500200b7af344 100644 --- a/clients/client-opsworks/src/runtimeConfig.shared.ts +++ b/clients/client-opsworks/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOpsWorksHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OpsWorksClientConfig } from "./OpsWorksClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OpsWorksClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOpsWorksHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OpsWorks", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-opsworks/src/runtimeExtensions.ts b/clients/client-opsworks/src/runtimeExtensions.ts index 1a80d9d7f3e18..ced6209fc371e 100644 --- a/clients/client-opsworks/src/runtimeExtensions.ts +++ b/clients/client-opsworks/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OpsWorksExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-opsworkscm/package.json b/clients/client-opsworkscm/package.json index 1adb1dfed823c..1b33065d662a5 100644 --- a/clients/client-opsworkscm/package.json +++ b/clients/client-opsworkscm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-opsworkscm/src/OpsWorksCMClient.ts b/clients/client-opsworkscm/src/OpsWorksCMClient.ts index 1f16219297ae6..57ac464915a62 100644 --- a/clients/client-opsworkscm/src/OpsWorksCMClient.ts +++ b/clients/client-opsworkscm/src/OpsWorksCMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOpsWorksCMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateNodeCommandInput, AssociateNodeCommandOutput } from "./commands/AssociateNodeCommand"; import { CreateBackupCommandInput, CreateBackupCommandOutput } from "./commands/CreateBackupCommand"; import { CreateServerCommandInput, CreateServerCommandOutput } from "./commands/CreateServerCommand"; @@ -228,21 +233,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -281,8 +287,8 @@ export type OpsWorksCMClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export type OpsWorksCMClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -420,8 +426,8 @@ export class OpsWorksCMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -430,8 +436,14 @@ export class OpsWorksCMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -442,4 +454,13 @@ export class OpsWorksCMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOpsWorksCMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OpsWorksCMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-opsworkscm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-opsworkscm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a38776db9288a --- /dev/null +++ b/clients/client-opsworkscm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OpsWorksCMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpsWorksCMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OpsWorksCMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OpsWorksCMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OpsWorksCMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OpsWorksCMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-opsworkscm/src/auth/httpAuthSchemeProvider.ts b/clients/client-opsworkscm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0fed1e6ef328c --- /dev/null +++ b/clients/client-opsworkscm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OpsWorksCMClientConfig, OpsWorksCMClientResolvedConfig } from "../OpsWorksCMClient"; + +/** + * @internal + */ +export interface OpsWorksCMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OpsWorksCMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OpsWorksCMClientResolvedConfig, + HandlerExecutionContext, + OpsWorksCMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOpsWorksCMHttpAuthSchemeParametersProvider = async ( + config: OpsWorksCMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OpsWorksCMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "opsworks-cm", + region: authParameters.region, + }, + propertiesExtractor: (config: OpsWorksCMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OpsWorksCMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOpsWorksCMHttpAuthSchemeProvider: OpsWorksCMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OpsWorksCMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OpsWorksCMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-opsworkscm/src/extensionConfiguration.ts b/clients/client-opsworkscm/src/extensionConfiguration.ts index 77bf2f1bbe760..4a863ec504c6b 100644 --- a/clients/client-opsworkscm/src/extensionConfiguration.ts +++ b/clients/client-opsworkscm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OpsWorksCMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-opsworkscm/src/runtimeConfig.shared.ts b/clients/client-opsworkscm/src/runtimeConfig.shared.ts index d9b64267d7f82..b90300b42341f 100644 --- a/clients/client-opsworkscm/src/runtimeConfig.shared.ts +++ b/clients/client-opsworkscm/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOpsWorksCMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OpsWorksCMClientConfig } from "./OpsWorksCMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OpsWorksCMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOpsWorksCMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OpsWorksCM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-opsworkscm/src/runtimeExtensions.ts b/clients/client-opsworkscm/src/runtimeExtensions.ts index a5948548789bf..bd1d2fd687963 100644 --- a/clients/client-opsworkscm/src/runtimeExtensions.ts +++ b/clients/client-opsworkscm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OpsWorksCMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-organizations/package.json b/clients/client-organizations/package.json index d6d3d0209362e..c07df25c47c7b 100644 --- a/clients/client-organizations/package.json +++ b/clients/client-organizations/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-organizations/src/OrganizationsClient.ts b/clients/client-organizations/src/OrganizationsClient.ts index 3c4d10bfef3c7..77d78d0a88ee6 100644 --- a/clients/client-organizations/src/OrganizationsClient.ts +++ b/clients/client-organizations/src/OrganizationsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOrganizationsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptHandshakeCommandInput, AcceptHandshakeCommandOutput } from "./commands/AcceptHandshakeCommand"; import { AttachPolicyCommandInput, AttachPolicyCommandOutput } from "./commands/AttachPolicyCommand"; import { CancelHandshakeCommandInput, CancelHandshakeCommandOutput } from "./commands/CancelHandshakeCommand"; @@ -402,21 +407,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -455,8 +461,8 @@ export type OrganizationsClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -475,8 +481,8 @@ export type OrganizationsClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -578,8 +584,8 @@ export class OrganizationsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -588,8 +594,14 @@ export class OrganizationsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -600,4 +612,13 @@ export class OrganizationsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOrganizationsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OrganizationsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-organizations/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-organizations/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..42a9ce727a48c --- /dev/null +++ b/clients/client-organizations/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OrganizationsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OrganizationsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OrganizationsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OrganizationsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OrganizationsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OrganizationsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-organizations/src/auth/httpAuthSchemeProvider.ts b/clients/client-organizations/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..94aff0a726ce2 --- /dev/null +++ b/clients/client-organizations/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OrganizationsClientConfig, OrganizationsClientResolvedConfig } from "../OrganizationsClient"; + +/** + * @internal + */ +export interface OrganizationsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OrganizationsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OrganizationsClientResolvedConfig, + HandlerExecutionContext, + OrganizationsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOrganizationsHttpAuthSchemeParametersProvider = async ( + config: OrganizationsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OrganizationsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "organizations", + region: authParameters.region, + }, + propertiesExtractor: (config: OrganizationsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OrganizationsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOrganizationsHttpAuthSchemeProvider: OrganizationsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OrganizationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OrganizationsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-organizations/src/extensionConfiguration.ts b/clients/client-organizations/src/extensionConfiguration.ts index a2a9307872b16..604b7bfb6b4fa 100644 --- a/clients/client-organizations/src/extensionConfiguration.ts +++ b/clients/client-organizations/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OrganizationsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-organizations/src/runtimeConfig.shared.ts b/clients/client-organizations/src/runtimeConfig.shared.ts index a0f3698308d88..c35c029ee96b2 100644 --- a/clients/client-organizations/src/runtimeConfig.shared.ts +++ b/clients/client-organizations/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOrganizationsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OrganizationsClientConfig } from "./OrganizationsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OrganizationsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOrganizationsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Organizations", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-organizations/src/runtimeExtensions.ts b/clients/client-organizations/src/runtimeExtensions.ts index ee7864db69508..15aaae8614eda 100644 --- a/clients/client-organizations/src/runtimeExtensions.ts +++ b/clients/client-organizations/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OrganizationsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-osis/package.json b/clients/client-osis/package.json index ba3f9bb31111f..79ee773105279 100644 --- a/clients/client-osis/package.json +++ b/clients/client-osis/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-osis/src/OSISClient.ts b/clients/client-osis/src/OSISClient.ts index c03aea4e82511..3cf4f73ecfdcb 100644 --- a/clients/client-osis/src/OSISClient.ts +++ b/clients/client-osis/src/OSISClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOSISHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreatePipelineCommandInput, CreatePipelineCommandOutput } from "./commands/CreatePipelineCommand"; import { DeletePipelineCommandInput, DeletePipelineCommandOutput } from "./commands/DeletePipelineCommand"; import { @@ -210,21 +215,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -263,8 +269,8 @@ export type OSISClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -283,8 +289,8 @@ export type OSISClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -317,8 +323,8 @@ export class OSISClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -327,8 +333,14 @@ export class OSISClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -339,4 +351,13 @@ export class OSISClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOSISHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OSISClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-osis/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-osis/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4922e9720b564 --- /dev/null +++ b/clients/client-osis/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OSISHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OSISHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OSISHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OSISHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OSISHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OSISHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-osis/src/auth/httpAuthSchemeProvider.ts b/clients/client-osis/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..07d7e31736cf9 --- /dev/null +++ b/clients/client-osis/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OSISClientConfig, OSISClientResolvedConfig } from "../OSISClient"; + +/** + * @internal + */ +export interface OSISHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OSISHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OSISClientResolvedConfig, + HandlerExecutionContext, + OSISHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOSISHttpAuthSchemeParametersProvider = async ( + config: OSISClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OSISHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "osis", + region: authParameters.region, + }, + propertiesExtractor: (config: OSISClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OSISHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOSISHttpAuthSchemeProvider: OSISHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OSISHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OSISHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-osis/src/extensionConfiguration.ts b/clients/client-osis/src/extensionConfiguration.ts index a4ec215db255e..4d87eb3f0c871 100644 --- a/clients/client-osis/src/extensionConfiguration.ts +++ b/clients/client-osis/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OSISExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-osis/src/runtimeConfig.shared.ts b/clients/client-osis/src/runtimeConfig.shared.ts index c62471dfc7f63..c1ed192d363b7 100644 --- a/clients/client-osis/src/runtimeConfig.shared.ts +++ b/clients/client-osis/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOSISHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OSISClientConfig } from "./OSISClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OSISClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOSISHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "OSIS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-osis/src/runtimeExtensions.ts b/clients/client-osis/src/runtimeExtensions.ts index 0baced18f8c04..a600226db7277 100644 --- a/clients/client-osis/src/runtimeExtensions.ts +++ b/clients/client-osis/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OSISExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-outposts/package.json b/clients/client-outposts/package.json index 2b78ac9e52805..51e376bdbbefb 100644 --- a/clients/client-outposts/package.json +++ b/clients/client-outposts/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-outposts/src/OutpostsClient.ts b/clients/client-outposts/src/OutpostsClient.ts index f9e0623139e1e..1ba706c41a18d 100644 --- a/clients/client-outposts/src/OutpostsClient.ts +++ b/clients/client-outposts/src/OutpostsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultOutpostsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelOrderCommandInput, CancelOrderCommandOutput } from "./commands/CancelOrderCommand"; import { CreateOrderCommandInput, CreateOrderCommandOutput } from "./commands/CreateOrderCommand"; import { CreateOutpostCommandInput, CreateOutpostCommandOutput } from "./commands/CreateOutpostCommand"; @@ -243,21 +248,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -296,8 +302,8 @@ export type OutpostsClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -316,8 +322,8 @@ export type OutpostsClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -352,8 +358,8 @@ export class OutpostsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -362,8 +368,14 @@ export class OutpostsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -374,4 +386,13 @@ export class OutpostsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultOutpostsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: OutpostsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-outposts/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-outposts/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d6b1b6c75775c --- /dev/null +++ b/clients/client-outposts/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { OutpostsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OutpostsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): OutpostsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: OutpostsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: OutpostsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): OutpostsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-outposts/src/auth/httpAuthSchemeProvider.ts b/clients/client-outposts/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..106702c311748 --- /dev/null +++ b/clients/client-outposts/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { OutpostsClientConfig, OutpostsClientResolvedConfig } from "../OutpostsClient"; + +/** + * @internal + */ +export interface OutpostsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface OutpostsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + OutpostsClientResolvedConfig, + HandlerExecutionContext, + OutpostsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultOutpostsHttpAuthSchemeParametersProvider = async ( + config: OutpostsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: OutpostsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "outposts", + region: authParameters.region, + }, + propertiesExtractor: (config: OutpostsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface OutpostsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultOutpostsHttpAuthSchemeProvider: OutpostsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: OutpostsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: OutpostsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-outposts/src/extensionConfiguration.ts b/clients/client-outposts/src/extensionConfiguration.ts index 517bf2e4a49fc..5bbc8aea91b14 100644 --- a/clients/client-outposts/src/extensionConfiguration.ts +++ b/clients/client-outposts/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface OutpostsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-outposts/src/runtimeConfig.shared.ts b/clients/client-outposts/src/runtimeConfig.shared.ts index 0502e2cf38f69..0f2cd6fe583c3 100644 --- a/clients/client-outposts/src/runtimeConfig.shared.ts +++ b/clients/client-outposts/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultOutpostsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { OutpostsClientConfig } from "./OutpostsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: OutpostsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultOutpostsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Outposts", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-outposts/src/runtimeExtensions.ts b/clients/client-outposts/src/runtimeExtensions.ts index f8862332dc994..6d6331289d297 100644 --- a/clients/client-outposts/src/runtimeExtensions.ts +++ b/clients/client-outposts/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { OutpostsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-panorama/package.json b/clients/client-panorama/package.json index 9d91019acf894..df83c03452e31 100644 --- a/clients/client-panorama/package.json +++ b/clients/client-panorama/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-panorama/src/PanoramaClient.ts b/clients/client-panorama/src/PanoramaClient.ts index 1c9f434eb72d3..3bdfc6515a9c0 100644 --- a/clients/client-panorama/src/PanoramaClient.ts +++ b/clients/client-panorama/src/PanoramaClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPanoramaHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationInstanceCommandInput, CreateApplicationInstanceCommandOutput, @@ -318,21 +323,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -371,8 +377,8 @@ export type PanoramaClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -391,8 +397,8 @@ export type PanoramaClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -428,8 +434,8 @@ export class PanoramaClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -438,8 +444,14 @@ export class PanoramaClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -450,4 +462,13 @@ export class PanoramaClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPanoramaHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PanoramaClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-panorama/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-panorama/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..90ab8a86dc756 --- /dev/null +++ b/clients/client-panorama/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PanoramaHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PanoramaHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PanoramaHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PanoramaHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PanoramaHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PanoramaHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-panorama/src/auth/httpAuthSchemeProvider.ts b/clients/client-panorama/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..49d82f70c4a81 --- /dev/null +++ b/clients/client-panorama/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PanoramaClientConfig, PanoramaClientResolvedConfig } from "../PanoramaClient"; + +/** + * @internal + */ +export interface PanoramaHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PanoramaHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PanoramaClientResolvedConfig, + HandlerExecutionContext, + PanoramaHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPanoramaHttpAuthSchemeParametersProvider = async ( + config: PanoramaClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PanoramaHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "panorama", + region: authParameters.region, + }, + propertiesExtractor: (config: PanoramaClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PanoramaHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPanoramaHttpAuthSchemeProvider: PanoramaHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PanoramaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PanoramaHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-panorama/src/extensionConfiguration.ts b/clients/client-panorama/src/extensionConfiguration.ts index cd5e5b3157972..f497a6562314f 100644 --- a/clients/client-panorama/src/extensionConfiguration.ts +++ b/clients/client-panorama/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PanoramaExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-panorama/src/runtimeConfig.shared.ts b/clients/client-panorama/src/runtimeConfig.shared.ts index 6ccbeed73bd60..710c0d0b5705b 100644 --- a/clients/client-panorama/src/runtimeConfig.shared.ts +++ b/clients/client-panorama/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPanoramaHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PanoramaClientConfig } from "./PanoramaClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PanoramaClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPanoramaHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Panorama", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-panorama/src/runtimeExtensions.ts b/clients/client-panorama/src/runtimeExtensions.ts index 72a018056b96d..37f337e3a566b 100644 --- a/clients/client-panorama/src/runtimeExtensions.ts +++ b/clients/client-panorama/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PanoramaExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-payment-cryptography-data/package.json b/clients/client-payment-cryptography-data/package.json index 56747e96561c8..ef7f5680f485a 100644 --- a/clients/client-payment-cryptography-data/package.json +++ b/clients/client-payment-cryptography-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-payment-cryptography-data/src/PaymentCryptographyDataClient.ts b/clients/client-payment-cryptography-data/src/PaymentCryptographyDataClient.ts index 355249fad181b..7bc1d081d1d48 100644 --- a/clients/client-payment-cryptography-data/src/PaymentCryptographyDataClient.ts +++ b/clients/client-payment-cryptography-data/src/PaymentCryptographyDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPaymentCryptographyDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DecryptDataCommandInput, DecryptDataCommandOutput } from "./commands/DecryptDataCommand"; import { EncryptDataCommandInput, EncryptDataCommandOutput } from "./commands/EncryptDataCommand"; import { @@ -198,21 +203,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -251,8 +257,8 @@ export type PaymentCryptographyDataClientConfigType = Partial<__SmithyConfigurat EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -271,8 +277,8 @@ export type PaymentCryptographyDataClientResolvedConfigType = __SmithyResolvedCo EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -304,8 +310,8 @@ export class PaymentCryptographyDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -314,8 +320,14 @@ export class PaymentCryptographyDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -326,4 +338,13 @@ export class PaymentCryptographyDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPaymentCryptographyDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PaymentCryptographyDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-payment-cryptography-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-payment-cryptography-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ba8e0ba1946a3 --- /dev/null +++ b/clients/client-payment-cryptography-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PaymentCryptographyDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PaymentCryptographyDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PaymentCryptographyDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PaymentCryptographyDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PaymentCryptographyDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PaymentCryptographyDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-payment-cryptography-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-payment-cryptography-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..017c0d0d3e881 --- /dev/null +++ b/clients/client-payment-cryptography-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + PaymentCryptographyDataClientConfig, + PaymentCryptographyDataClientResolvedConfig, +} from "../PaymentCryptographyDataClient"; + +/** + * @internal + */ +export interface PaymentCryptographyDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PaymentCryptographyDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PaymentCryptographyDataClientResolvedConfig, + HandlerExecutionContext, + PaymentCryptographyDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPaymentCryptographyDataHttpAuthSchemeParametersProvider = async ( + config: PaymentCryptographyDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: PaymentCryptographyDataHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "payment-cryptography", + region: authParameters.region, + }, + propertiesExtractor: (config: PaymentCryptographyDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PaymentCryptographyDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPaymentCryptographyDataHttpAuthSchemeProvider: PaymentCryptographyDataHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PaymentCryptographyDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PaymentCryptographyDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-payment-cryptography-data/src/extensionConfiguration.ts b/clients/client-payment-cryptography-data/src/extensionConfiguration.ts index 5c609d7d9fd37..31c7d9f37eeec 100644 --- a/clients/client-payment-cryptography-data/src/extensionConfiguration.ts +++ b/clients/client-payment-cryptography-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PaymentCryptographyDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-payment-cryptography-data/src/runtimeConfig.shared.ts b/clients/client-payment-cryptography-data/src/runtimeConfig.shared.ts index 4cd9cd8a52de1..5f6c88759885d 100644 --- a/clients/client-payment-cryptography-data/src/runtimeConfig.shared.ts +++ b/clients/client-payment-cryptography-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPaymentCryptographyDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PaymentCryptographyDataClientConfig } from "./PaymentCryptographyDataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PaymentCryptographyDataClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPaymentCryptographyDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Payment Cryptography Data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-payment-cryptography-data/src/runtimeExtensions.ts b/clients/client-payment-cryptography-data/src/runtimeExtensions.ts index 043de0446a5c5..f3ce2f272137d 100644 --- a/clients/client-payment-cryptography-data/src/runtimeExtensions.ts +++ b/clients/client-payment-cryptography-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PaymentCryptographyDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-payment-cryptography/package.json b/clients/client-payment-cryptography/package.json index 803c815ee478b..9ba21f884e052 100644 --- a/clients/client-payment-cryptography/package.json +++ b/clients/client-payment-cryptography/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-payment-cryptography/src/PaymentCryptographyClient.ts b/clients/client-payment-cryptography/src/PaymentCryptographyClient.ts index 53a55b11bebb2..d3e92dcc88d27 100644 --- a/clients/client-payment-cryptography/src/PaymentCryptographyClient.ts +++ b/clients/client-payment-cryptography/src/PaymentCryptographyClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPaymentCryptographyHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAliasCommandInput, CreateAliasCommandOutput } from "./commands/CreateAliasCommand"; import { CreateKeyCommandInput, CreateKeyCommandOutput } from "./commands/CreateKeyCommand"; import { DeleteAliasCommandInput, DeleteAliasCommandOutput } from "./commands/DeleteAliasCommand"; @@ -228,21 +233,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -281,8 +287,8 @@ export type PaymentCryptographyClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export type PaymentCryptographyClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export class PaymentCryptographyClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -347,8 +353,14 @@ export class PaymentCryptographyClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -359,4 +371,13 @@ export class PaymentCryptographyClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPaymentCryptographyHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PaymentCryptographyClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-payment-cryptography/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-payment-cryptography/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a93fd55d0f6c3 --- /dev/null +++ b/clients/client-payment-cryptography/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PaymentCryptographyHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PaymentCryptographyHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PaymentCryptographyHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PaymentCryptographyHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PaymentCryptographyHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PaymentCryptographyHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-payment-cryptography/src/auth/httpAuthSchemeProvider.ts b/clients/client-payment-cryptography/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3d4071d612d02 --- /dev/null +++ b/clients/client-payment-cryptography/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PaymentCryptographyClientConfig, PaymentCryptographyClientResolvedConfig } from "../PaymentCryptographyClient"; + +/** + * @internal + */ +export interface PaymentCryptographyHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PaymentCryptographyHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PaymentCryptographyClientResolvedConfig, + HandlerExecutionContext, + PaymentCryptographyHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPaymentCryptographyHttpAuthSchemeParametersProvider = async ( + config: PaymentCryptographyClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PaymentCryptographyHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "payment-cryptography", + region: authParameters.region, + }, + propertiesExtractor: (config: PaymentCryptographyClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PaymentCryptographyHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPaymentCryptographyHttpAuthSchemeProvider: PaymentCryptographyHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PaymentCryptographyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PaymentCryptographyHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-payment-cryptography/src/extensionConfiguration.ts b/clients/client-payment-cryptography/src/extensionConfiguration.ts index 31e0294586d02..8a93978bb2a94 100644 --- a/clients/client-payment-cryptography/src/extensionConfiguration.ts +++ b/clients/client-payment-cryptography/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PaymentCryptographyExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-payment-cryptography/src/runtimeConfig.shared.ts b/clients/client-payment-cryptography/src/runtimeConfig.shared.ts index ab59ae6ce6559..23db029533814 100644 --- a/clients/client-payment-cryptography/src/runtimeConfig.shared.ts +++ b/clients/client-payment-cryptography/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPaymentCryptographyHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PaymentCryptographyClientConfig } from "./PaymentCryptographyClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PaymentCryptographyClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPaymentCryptographyHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Payment Cryptography", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-payment-cryptography/src/runtimeExtensions.ts b/clients/client-payment-cryptography/src/runtimeExtensions.ts index e2495d194e678..e6d4c87cb20cf 100644 --- a/clients/client-payment-cryptography/src/runtimeExtensions.ts +++ b/clients/client-payment-cryptography/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PaymentCryptographyExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pca-connector-ad/package.json b/clients/client-pca-connector-ad/package.json index d7969dd012f03..1842b573b418c 100644 --- a/clients/client-pca-connector-ad/package.json +++ b/clients/client-pca-connector-ad/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-pca-connector-ad/src/PcaConnectorAdClient.ts b/clients/client-pca-connector-ad/src/PcaConnectorAdClient.ts index 0300937ec494f..717d5cc7b8fd5 100644 --- a/clients/client-pca-connector-ad/src/PcaConnectorAdClient.ts +++ b/clients/client-pca-connector-ad/src/PcaConnectorAdClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPcaConnectorAdHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateConnectorCommandInput, CreateConnectorCommandOutput } from "./commands/CreateConnectorCommand"; import { CreateDirectoryRegistrationCommandInput, @@ -273,21 +278,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -326,8 +332,8 @@ export type PcaConnectorAdClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -346,8 +352,8 @@ export type PcaConnectorAdClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -380,8 +386,8 @@ export class PcaConnectorAdClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -390,8 +396,14 @@ export class PcaConnectorAdClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -402,4 +414,13 @@ export class PcaConnectorAdClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPcaConnectorAdHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PcaConnectorAdClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pca-connector-ad/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pca-connector-ad/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d6e8b9096affb --- /dev/null +++ b/clients/client-pca-connector-ad/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PcaConnectorAdHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PcaConnectorAdHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PcaConnectorAdHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PcaConnectorAdHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PcaConnectorAdHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PcaConnectorAdHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pca-connector-ad/src/auth/httpAuthSchemeProvider.ts b/clients/client-pca-connector-ad/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..57d9b6b7fbfb8 --- /dev/null +++ b/clients/client-pca-connector-ad/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PcaConnectorAdClientConfig, PcaConnectorAdClientResolvedConfig } from "../PcaConnectorAdClient"; + +/** + * @internal + */ +export interface PcaConnectorAdHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PcaConnectorAdHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PcaConnectorAdClientResolvedConfig, + HandlerExecutionContext, + PcaConnectorAdHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPcaConnectorAdHttpAuthSchemeParametersProvider = async ( + config: PcaConnectorAdClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PcaConnectorAdHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "pca-connector-ad", + region: authParameters.region, + }, + propertiesExtractor: (config: PcaConnectorAdClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PcaConnectorAdHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPcaConnectorAdHttpAuthSchemeProvider: PcaConnectorAdHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PcaConnectorAdHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PcaConnectorAdHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pca-connector-ad/src/extensionConfiguration.ts b/clients/client-pca-connector-ad/src/extensionConfiguration.ts index 90027d901c2ac..0d84658b75425 100644 --- a/clients/client-pca-connector-ad/src/extensionConfiguration.ts +++ b/clients/client-pca-connector-ad/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PcaConnectorAdExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pca-connector-ad/src/runtimeConfig.shared.ts b/clients/client-pca-connector-ad/src/runtimeConfig.shared.ts index 14d04c9a5ccb0..dc165a2297cbb 100644 --- a/clients/client-pca-connector-ad/src/runtimeConfig.shared.ts +++ b/clients/client-pca-connector-ad/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPcaConnectorAdHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PcaConnectorAdClientConfig } from "./PcaConnectorAdClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PcaConnectorAdClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPcaConnectorAdHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pca Connector Ad", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pca-connector-ad/src/runtimeExtensions.ts b/clients/client-pca-connector-ad/src/runtimeExtensions.ts index 741f8bb873b34..65ac966a37cc3 100644 --- a/clients/client-pca-connector-ad/src/runtimeExtensions.ts +++ b/clients/client-pca-connector-ad/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PcaConnectorAdExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-personalize-events/package.json b/clients/client-personalize-events/package.json index c55f51d1280a6..18debbf7bf2f8 100644 --- a/clients/client-personalize-events/package.json +++ b/clients/client-personalize-events/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-personalize-events/src/PersonalizeEventsClient.ts b/clients/client-personalize-events/src/PersonalizeEventsClient.ts index 3d61ba65931b2..300dd6c39886f 100644 --- a/clients/client-personalize-events/src/PersonalizeEventsClient.ts +++ b/clients/client-personalize-events/src/PersonalizeEventsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPersonalizeEventsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { PutActionInteractionsCommandInput, PutActionInteractionsCommandOutput, @@ -174,21 +179,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -227,8 +233,8 @@ export type PersonalizeEventsClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -247,8 +253,8 @@ export type PersonalizeEventsClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -281,8 +287,8 @@ export class PersonalizeEventsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -291,8 +297,14 @@ export class PersonalizeEventsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -303,4 +315,13 @@ export class PersonalizeEventsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPersonalizeEventsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PersonalizeEventsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-personalize-events/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-personalize-events/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f3bbbc9dae54f --- /dev/null +++ b/clients/client-personalize-events/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PersonalizeEventsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeEventsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PersonalizeEventsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PersonalizeEventsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeEventsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PersonalizeEventsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-personalize-events/src/auth/httpAuthSchemeProvider.ts b/clients/client-personalize-events/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dbac4d7679dbd --- /dev/null +++ b/clients/client-personalize-events/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PersonalizeEventsClientConfig, PersonalizeEventsClientResolvedConfig } from "../PersonalizeEventsClient"; + +/** + * @internal + */ +export interface PersonalizeEventsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PersonalizeEventsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PersonalizeEventsClientResolvedConfig, + HandlerExecutionContext, + PersonalizeEventsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPersonalizeEventsHttpAuthSchemeParametersProvider = async ( + config: PersonalizeEventsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PersonalizeEventsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "personalize", + region: authParameters.region, + }, + propertiesExtractor: (config: PersonalizeEventsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PersonalizeEventsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPersonalizeEventsHttpAuthSchemeProvider: PersonalizeEventsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PersonalizeEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PersonalizeEventsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-personalize-events/src/extensionConfiguration.ts b/clients/client-personalize-events/src/extensionConfiguration.ts index 2ba0e004bbba6..c2081f8efa60b 100644 --- a/clients/client-personalize-events/src/extensionConfiguration.ts +++ b/clients/client-personalize-events/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PersonalizeEventsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-personalize-events/src/runtimeConfig.shared.ts b/clients/client-personalize-events/src/runtimeConfig.shared.ts index 14c992e4f30a8..0c787257c0a77 100644 --- a/clients/client-personalize-events/src/runtimeConfig.shared.ts +++ b/clients/client-personalize-events/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPersonalizeEventsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PersonalizeEventsClientConfig } from "./PersonalizeEventsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PersonalizeEventsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPersonalizeEventsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Personalize Events", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-personalize-events/src/runtimeExtensions.ts b/clients/client-personalize-events/src/runtimeExtensions.ts index 90f6a01e6c8a9..1c7c92e32dc40 100644 --- a/clients/client-personalize-events/src/runtimeExtensions.ts +++ b/clients/client-personalize-events/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PersonalizeEventsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-personalize-runtime/package.json b/clients/client-personalize-runtime/package.json index db64cfdb7f386..2c095cc9e6c62 100644 --- a/clients/client-personalize-runtime/package.json +++ b/clients/client-personalize-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-personalize-runtime/src/PersonalizeRuntimeClient.ts b/clients/client-personalize-runtime/src/PersonalizeRuntimeClient.ts index 461297d007dae..1468ade68ed41 100644 --- a/clients/client-personalize-runtime/src/PersonalizeRuntimeClient.ts +++ b/clients/client-personalize-runtime/src/PersonalizeRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPersonalizeRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetActionRecommendationsCommandInput, GetActionRecommendationsCommandOutput, @@ -171,21 +176,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -224,8 +230,8 @@ export type PersonalizeRuntimeClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -244,8 +250,8 @@ export type PersonalizeRuntimeClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -276,8 +282,8 @@ export class PersonalizeRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -286,8 +292,14 @@ export class PersonalizeRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -298,4 +310,13 @@ export class PersonalizeRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPersonalizeRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PersonalizeRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-personalize-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-personalize-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..25caad0ef8b3a --- /dev/null +++ b/clients/client-personalize-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PersonalizeRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PersonalizeRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PersonalizeRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PersonalizeRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-personalize-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-personalize-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4d704b1328025 --- /dev/null +++ b/clients/client-personalize-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PersonalizeRuntimeClientConfig, PersonalizeRuntimeClientResolvedConfig } from "../PersonalizeRuntimeClient"; + +/** + * @internal + */ +export interface PersonalizeRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PersonalizeRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PersonalizeRuntimeClientResolvedConfig, + HandlerExecutionContext, + PersonalizeRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPersonalizeRuntimeHttpAuthSchemeParametersProvider = async ( + config: PersonalizeRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PersonalizeRuntimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "personalize", + region: authParameters.region, + }, + propertiesExtractor: (config: PersonalizeRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PersonalizeRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPersonalizeRuntimeHttpAuthSchemeProvider: PersonalizeRuntimeHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PersonalizeRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PersonalizeRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-personalize-runtime/src/extensionConfiguration.ts b/clients/client-personalize-runtime/src/extensionConfiguration.ts index 624ec6b3e1fee..13ad7bdc23a49 100644 --- a/clients/client-personalize-runtime/src/extensionConfiguration.ts +++ b/clients/client-personalize-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PersonalizeRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-personalize-runtime/src/runtimeConfig.shared.ts b/clients/client-personalize-runtime/src/runtimeConfig.shared.ts index c6dd3d0055b0f..44e4d9dfc57a2 100644 --- a/clients/client-personalize-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-personalize-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPersonalizeRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PersonalizeRuntimeClientConfig } from "./PersonalizeRuntimeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PersonalizeRuntimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPersonalizeRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Personalize Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-personalize-runtime/src/runtimeExtensions.ts b/clients/client-personalize-runtime/src/runtimeExtensions.ts index 494e5bf66519f..377980fe2ecc3 100644 --- a/clients/client-personalize-runtime/src/runtimeExtensions.ts +++ b/clients/client-personalize-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PersonalizeRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-personalize/package.json b/clients/client-personalize/package.json index 4a172aa48c448..49c91b116b962 100644 --- a/clients/client-personalize/package.json +++ b/clients/client-personalize/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-personalize/src/PersonalizeClient.ts b/clients/client-personalize/src/PersonalizeClient.ts index 03e1d14bf9648..30d3abf4fbe56 100644 --- a/clients/client-personalize/src/PersonalizeClient.ts +++ b/clients/client-personalize/src/PersonalizeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPersonalizeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBatchInferenceJobCommandInput, CreateBatchInferenceJobCommandOutput, @@ -438,21 +443,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -491,8 +497,8 @@ export type PersonalizeClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -511,8 +517,8 @@ export type PersonalizeClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -544,8 +550,8 @@ export class PersonalizeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -554,8 +560,14 @@ export class PersonalizeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -566,4 +578,13 @@ export class PersonalizeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPersonalizeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PersonalizeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-personalize/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-personalize/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c50ecb9760c58 --- /dev/null +++ b/clients/client-personalize/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PersonalizeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PersonalizeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PersonalizeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PersonalizeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PersonalizeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-personalize/src/auth/httpAuthSchemeProvider.ts b/clients/client-personalize/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6af2072e8eafb --- /dev/null +++ b/clients/client-personalize/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PersonalizeClientConfig, PersonalizeClientResolvedConfig } from "../PersonalizeClient"; + +/** + * @internal + */ +export interface PersonalizeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PersonalizeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PersonalizeClientResolvedConfig, + HandlerExecutionContext, + PersonalizeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPersonalizeHttpAuthSchemeParametersProvider = async ( + config: PersonalizeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PersonalizeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "personalize", + region: authParameters.region, + }, + propertiesExtractor: (config: PersonalizeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PersonalizeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPersonalizeHttpAuthSchemeProvider: PersonalizeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PersonalizeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PersonalizeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-personalize/src/extensionConfiguration.ts b/clients/client-personalize/src/extensionConfiguration.ts index 589136d879b90..d2e019d9cd3ae 100644 --- a/clients/client-personalize/src/extensionConfiguration.ts +++ b/clients/client-personalize/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PersonalizeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-personalize/src/runtimeConfig.shared.ts b/clients/client-personalize/src/runtimeConfig.shared.ts index eb9f85eb2ad87..09d0e4119dc03 100644 --- a/clients/client-personalize/src/runtimeConfig.shared.ts +++ b/clients/client-personalize/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPersonalizeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PersonalizeClientConfig } from "./PersonalizeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PersonalizeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPersonalizeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Personalize", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-personalize/src/runtimeExtensions.ts b/clients/client-personalize/src/runtimeExtensions.ts index e211c90c37a20..72e3872a812c3 100644 --- a/clients/client-personalize/src/runtimeExtensions.ts +++ b/clients/client-personalize/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PersonalizeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pi/package.json b/clients/client-pi/package.json index a762bdbfc8757..11e3d0e5112f2 100644 --- a/clients/client-pi/package.json +++ b/clients/client-pi/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pi/src/PIClient.ts b/clients/client-pi/src/PIClient.ts index fc4cb4b1e9003..967afacc9447b 100644 --- a/clients/client-pi/src/PIClient.ts +++ b/clients/client-pi/src/PIClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPIHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreatePerformanceAnalysisReportCommandInput, CreatePerformanceAnalysisReportCommandOutput, @@ -225,21 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -278,8 +284,8 @@ export type PIClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpti EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export type PIClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHan EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -354,8 +360,8 @@ export class PIClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -364,8 +370,14 @@ export class PIClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -376,4 +388,13 @@ export class PIClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPIHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PIClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pi/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pi/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5d2685b9c569f --- /dev/null +++ b/clients/client-pi/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PIHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PIHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PIHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PIHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PIHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PIHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pi/src/auth/httpAuthSchemeProvider.ts b/clients/client-pi/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3230c9ad79fb0 --- /dev/null +++ b/clients/client-pi/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PIClientConfig, PIClientResolvedConfig } from "../PIClient"; + +/** + * @internal + */ +export interface PIHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PIHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PIClientResolvedConfig, + HandlerExecutionContext, + PIHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPIHttpAuthSchemeParametersProvider = async ( + config: PIClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PIHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "pi", + region: authParameters.region, + }, + propertiesExtractor: (config: PIClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PIHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPIHttpAuthSchemeProvider: PIHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PIHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PIHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pi/src/extensionConfiguration.ts b/clients/client-pi/src/extensionConfiguration.ts index 498978c3cd743..41c75e10ef231 100644 --- a/clients/client-pi/src/extensionConfiguration.ts +++ b/clients/client-pi/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PIExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pi/src/runtimeConfig.shared.ts b/clients/client-pi/src/runtimeConfig.shared.ts index 8d317fa89e15b..140d2fd73ae26 100644 --- a/clients/client-pi/src/runtimeConfig.shared.ts +++ b/clients/client-pi/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPIHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PIClientConfig } from "./PIClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PIClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPIHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "PI", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pi/src/runtimeExtensions.ts b/clients/client-pi/src/runtimeExtensions.ts index 075852242f6ce..8fe5d81d23b4f 100644 --- a/clients/client-pi/src/runtimeExtensions.ts +++ b/clients/client-pi/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PIExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pinpoint-email/package.json b/clients/client-pinpoint-email/package.json index 82fb782769550..7dbf51181fcfc 100644 --- a/clients/client-pinpoint-email/package.json +++ b/clients/client-pinpoint-email/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pinpoint-email/src/PinpointEmailClient.ts b/clients/client-pinpoint-email/src/PinpointEmailClient.ts index da2dcd95e66f2..f5968c2684452 100644 --- a/clients/client-pinpoint-email/src/PinpointEmailClient.ts +++ b/clients/client-pinpoint-email/src/PinpointEmailClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPinpointEmailHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateConfigurationSetCommandInput, CreateConfigurationSetCommandOutput, @@ -387,21 +392,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -440,8 +446,8 @@ export type PinpointEmailClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -460,8 +466,8 @@ export type PinpointEmailClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -520,8 +526,8 @@ export class PinpointEmailClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -530,8 +536,14 @@ export class PinpointEmailClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -542,4 +554,13 @@ export class PinpointEmailClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPinpointEmailHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PinpointEmailClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pinpoint-email/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pinpoint-email/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..06059444e83d9 --- /dev/null +++ b/clients/client-pinpoint-email/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PinpointEmailHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointEmailHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PinpointEmailHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PinpointEmailHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointEmailHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PinpointEmailHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pinpoint-email/src/auth/httpAuthSchemeProvider.ts b/clients/client-pinpoint-email/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0eeaca3b69c93 --- /dev/null +++ b/clients/client-pinpoint-email/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PinpointEmailClientConfig, PinpointEmailClientResolvedConfig } from "../PinpointEmailClient"; + +/** + * @internal + */ +export interface PinpointEmailHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PinpointEmailHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PinpointEmailClientResolvedConfig, + HandlerExecutionContext, + PinpointEmailHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPinpointEmailHttpAuthSchemeParametersProvider = async ( + config: PinpointEmailClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PinpointEmailHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ses", + region: authParameters.region, + }, + propertiesExtractor: (config: PinpointEmailClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PinpointEmailHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPinpointEmailHttpAuthSchemeProvider: PinpointEmailHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PinpointEmailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PinpointEmailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pinpoint-email/src/extensionConfiguration.ts b/clients/client-pinpoint-email/src/extensionConfiguration.ts index 571e53d77493f..d3a3bbfa03666 100644 --- a/clients/client-pinpoint-email/src/extensionConfiguration.ts +++ b/clients/client-pinpoint-email/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PinpointEmailExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pinpoint-email/src/runtimeConfig.shared.ts b/clients/client-pinpoint-email/src/runtimeConfig.shared.ts index 5f4ed5cc6dc7b..3d6fbbbe572c5 100644 --- a/clients/client-pinpoint-email/src/runtimeConfig.shared.ts +++ b/clients/client-pinpoint-email/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPinpointEmailHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PinpointEmailClientConfig } from "./PinpointEmailClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PinpointEmailClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPinpointEmailHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pinpoint Email", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pinpoint-email/src/runtimeExtensions.ts b/clients/client-pinpoint-email/src/runtimeExtensions.ts index 0a3446fcebe71..53759f674ffd1 100644 --- a/clients/client-pinpoint-email/src/runtimeExtensions.ts +++ b/clients/client-pinpoint-email/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PinpointEmailExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pinpoint-sms-voice-v2/package.json b/clients/client-pinpoint-sms-voice-v2/package.json index 62a40c0725164..5eb0dc0195737 100644 --- a/clients/client-pinpoint-sms-voice-v2/package.json +++ b/clients/client-pinpoint-sms-voice-v2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-pinpoint-sms-voice-v2/src/PinpointSMSVoiceV2Client.ts b/clients/client-pinpoint-sms-voice-v2/src/PinpointSMSVoiceV2Client.ts index 96add24ab45e1..81493952bd324 100644 --- a/clients/client-pinpoint-sms-voice-v2/src/PinpointSMSVoiceV2Client.ts +++ b/clients/client-pinpoint-sms-voice-v2/src/PinpointSMSVoiceV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPinpointSMSVoiceV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateOriginationIdentityCommandInput, AssociateOriginationIdentityCommandOutput, @@ -498,21 +503,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -551,8 +557,8 @@ export type PinpointSMSVoiceV2ClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -571,8 +577,8 @@ export type PinpointSMSVoiceV2ClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -637,8 +643,8 @@ export class PinpointSMSVoiceV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -647,8 +653,14 @@ export class PinpointSMSVoiceV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -659,4 +671,13 @@ export class PinpointSMSVoiceV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPinpointSMSVoiceV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PinpointSMSVoiceV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a7341cbaec998 --- /dev/null +++ b/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PinpointSMSVoiceV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointSMSVoiceV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PinpointSMSVoiceV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PinpointSMSVoiceV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointSMSVoiceV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PinpointSMSVoiceV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthSchemeProvider.ts b/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..408b89c830e58 --- /dev/null +++ b/clients/client-pinpoint-sms-voice-v2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PinpointSMSVoiceV2ClientConfig, PinpointSMSVoiceV2ClientResolvedConfig } from "../PinpointSMSVoiceV2Client"; + +/** + * @internal + */ +export interface PinpointSMSVoiceV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PinpointSMSVoiceV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PinpointSMSVoiceV2ClientResolvedConfig, + HandlerExecutionContext, + PinpointSMSVoiceV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPinpointSMSVoiceV2HttpAuthSchemeParametersProvider = async ( + config: PinpointSMSVoiceV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PinpointSMSVoiceV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sms-voice", + region: authParameters.region, + }, + propertiesExtractor: (config: PinpointSMSVoiceV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PinpointSMSVoiceV2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPinpointSMSVoiceV2HttpAuthSchemeProvider: PinpointSMSVoiceV2HttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PinpointSMSVoiceV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PinpointSMSVoiceV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pinpoint-sms-voice-v2/src/extensionConfiguration.ts b/clients/client-pinpoint-sms-voice-v2/src/extensionConfiguration.ts index f7b6cd945077e..fa1177d41d638 100644 --- a/clients/client-pinpoint-sms-voice-v2/src/extensionConfiguration.ts +++ b/clients/client-pinpoint-sms-voice-v2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PinpointSMSVoiceV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pinpoint-sms-voice-v2/src/runtimeConfig.shared.ts b/clients/client-pinpoint-sms-voice-v2/src/runtimeConfig.shared.ts index 2cfb4a6689ed4..02ed64f90353a 100644 --- a/clients/client-pinpoint-sms-voice-v2/src/runtimeConfig.shared.ts +++ b/clients/client-pinpoint-sms-voice-v2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPinpointSMSVoiceV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PinpointSMSVoiceV2ClientConfig } from "./PinpointSMSVoiceV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PinpointSMSVoiceV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPinpointSMSVoiceV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pinpoint SMS Voice V2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pinpoint-sms-voice-v2/src/runtimeExtensions.ts b/clients/client-pinpoint-sms-voice-v2/src/runtimeExtensions.ts index 54dfbbe0ba926..c444704f104bb 100644 --- a/clients/client-pinpoint-sms-voice-v2/src/runtimeExtensions.ts +++ b/clients/client-pinpoint-sms-voice-v2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PinpointSMSVoiceV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pinpoint-sms-voice/package.json b/clients/client-pinpoint-sms-voice/package.json index ac50c7970d81c..397572db934c8 100644 --- a/clients/client-pinpoint-sms-voice/package.json +++ b/clients/client-pinpoint-sms-voice/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pinpoint-sms-voice/src/PinpointSMSVoiceClient.ts b/clients/client-pinpoint-sms-voice/src/PinpointSMSVoiceClient.ts index a2cf0d206e6dc..07b2dcef5c8b5 100644 --- a/clients/client-pinpoint-sms-voice/src/PinpointSMSVoiceClient.ts +++ b/clients/client-pinpoint-sms-voice/src/PinpointSMSVoiceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPinpointSMSVoiceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateConfigurationSetCommandInput, CreateConfigurationSetCommandOutput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type PinpointSMSVoiceClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type PinpointSMSVoiceClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -306,8 +312,8 @@ export class PinpointSMSVoiceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -316,8 +322,14 @@ export class PinpointSMSVoiceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -328,4 +340,13 @@ export class PinpointSMSVoiceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPinpointSMSVoiceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PinpointSMSVoiceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pinpoint-sms-voice/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pinpoint-sms-voice/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..cab058ecaabd9 --- /dev/null +++ b/clients/client-pinpoint-sms-voice/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PinpointSMSVoiceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointSMSVoiceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PinpointSMSVoiceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PinpointSMSVoiceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointSMSVoiceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PinpointSMSVoiceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pinpoint-sms-voice/src/auth/httpAuthSchemeProvider.ts b/clients/client-pinpoint-sms-voice/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..962994f193123 --- /dev/null +++ b/clients/client-pinpoint-sms-voice/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PinpointSMSVoiceClientConfig, PinpointSMSVoiceClientResolvedConfig } from "../PinpointSMSVoiceClient"; + +/** + * @internal + */ +export interface PinpointSMSVoiceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PinpointSMSVoiceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PinpointSMSVoiceClientResolvedConfig, + HandlerExecutionContext, + PinpointSMSVoiceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPinpointSMSVoiceHttpAuthSchemeParametersProvider = async ( + config: PinpointSMSVoiceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PinpointSMSVoiceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sms-voice", + region: authParameters.region, + }, + propertiesExtractor: (config: PinpointSMSVoiceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PinpointSMSVoiceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPinpointSMSVoiceHttpAuthSchemeProvider: PinpointSMSVoiceHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PinpointSMSVoiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PinpointSMSVoiceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pinpoint-sms-voice/src/extensionConfiguration.ts b/clients/client-pinpoint-sms-voice/src/extensionConfiguration.ts index 73ce3d604a7db..0f9f5f27fb89b 100644 --- a/clients/client-pinpoint-sms-voice/src/extensionConfiguration.ts +++ b/clients/client-pinpoint-sms-voice/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PinpointSMSVoiceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pinpoint-sms-voice/src/runtimeConfig.shared.ts b/clients/client-pinpoint-sms-voice/src/runtimeConfig.shared.ts index ae070da9fa334..78d2a802d0bc7 100644 --- a/clients/client-pinpoint-sms-voice/src/runtimeConfig.shared.ts +++ b/clients/client-pinpoint-sms-voice/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPinpointSMSVoiceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PinpointSMSVoiceClientConfig } from "./PinpointSMSVoiceClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PinpointSMSVoiceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPinpointSMSVoiceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pinpoint SMS Voice", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pinpoint-sms-voice/src/runtimeExtensions.ts b/clients/client-pinpoint-sms-voice/src/runtimeExtensions.ts index 09b2ea9d0a9a6..e886e955cd6c5 100644 --- a/clients/client-pinpoint-sms-voice/src/runtimeExtensions.ts +++ b/clients/client-pinpoint-sms-voice/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PinpointSMSVoiceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pinpoint/package.json b/clients/client-pinpoint/package.json index 92a0bd18d55e7..1f71c0b306941 100644 --- a/clients/client-pinpoint/package.json +++ b/clients/client-pinpoint/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pinpoint/src/PinpointClient.ts b/clients/client-pinpoint/src/PinpointClient.ts index 56e1ca29a86f0..d7de0f5277bc9 100644 --- a/clients/client-pinpoint/src/PinpointClient.ts +++ b/clients/client-pinpoint/src/PinpointClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPinpointHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAppCommandInput, CreateAppCommandOutput } from "./commands/CreateAppCommand"; import { CreateCampaignCommandInput, CreateCampaignCommandOutput } from "./commands/CreateCampaignCommand"; import { @@ -645,21 +650,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -698,8 +704,8 @@ export type PinpointClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -718,8 +724,8 @@ export type PinpointClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -750,8 +756,8 @@ export class PinpointClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -760,8 +766,14 @@ export class PinpointClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -772,4 +784,13 @@ export class PinpointClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPinpointHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PinpointClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pinpoint/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pinpoint/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2950725976aef --- /dev/null +++ b/clients/client-pinpoint/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PinpointHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PinpointHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PinpointHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PinpointHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PinpointHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pinpoint/src/auth/httpAuthSchemeProvider.ts b/clients/client-pinpoint/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d6fedf14945ff --- /dev/null +++ b/clients/client-pinpoint/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PinpointClientConfig, PinpointClientResolvedConfig } from "../PinpointClient"; + +/** + * @internal + */ +export interface PinpointHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PinpointHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PinpointClientResolvedConfig, + HandlerExecutionContext, + PinpointHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPinpointHttpAuthSchemeParametersProvider = async ( + config: PinpointClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PinpointHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "mobiletargeting", + region: authParameters.region, + }, + propertiesExtractor: (config: PinpointClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PinpointHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPinpointHttpAuthSchemeProvider: PinpointHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PinpointHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PinpointHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pinpoint/src/extensionConfiguration.ts b/clients/client-pinpoint/src/extensionConfiguration.ts index 8559bbc9070b9..308c639acd6e5 100644 --- a/clients/client-pinpoint/src/extensionConfiguration.ts +++ b/clients/client-pinpoint/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PinpointExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pinpoint/src/runtimeConfig.shared.ts b/clients/client-pinpoint/src/runtimeConfig.shared.ts index 04cf7debb4b2f..578778f0f3085 100644 --- a/clients/client-pinpoint/src/runtimeConfig.shared.ts +++ b/clients/client-pinpoint/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPinpointHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PinpointClientConfig } from "./PinpointClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PinpointClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPinpointHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pinpoint", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pinpoint/src/runtimeExtensions.ts b/clients/client-pinpoint/src/runtimeExtensions.ts index 58137af585e08..fb3facd6eaeeb 100644 --- a/clients/client-pinpoint/src/runtimeExtensions.ts +++ b/clients/client-pinpoint/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PinpointExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-pipes/package.json b/clients/client-pipes/package.json index 21ee93b990384..c80d4ea65e2d2 100644 --- a/clients/client-pipes/package.json +++ b/clients/client-pipes/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pipes/src/PipesClient.ts b/clients/client-pipes/src/PipesClient.ts index c0fc25b455e61..1c0db94cb1cbc 100644 --- a/clients/client-pipes/src/PipesClient.ts +++ b/clients/client-pipes/src/PipesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPipesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreatePipeCommandInput, CreatePipeCommandOutput } from "./commands/CreatePipeCommand"; import { DeletePipeCommandInput, DeletePipeCommandOutput } from "./commands/DeletePipeCommand"; import { DescribePipeCommandInput, DescribePipeCommandOutput } from "./commands/DescribePipeCommand"; @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type PipesClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type PipesClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -296,8 +302,8 @@ export class PipesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -306,8 +312,14 @@ export class PipesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -318,4 +330,13 @@ export class PipesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPipesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PipesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pipes/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pipes/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..69eaa67dcdb1e --- /dev/null +++ b/clients/client-pipes/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PipesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PipesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PipesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PipesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PipesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PipesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pipes/src/auth/httpAuthSchemeProvider.ts b/clients/client-pipes/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a4590c97e7086 --- /dev/null +++ b/clients/client-pipes/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PipesClientConfig, PipesClientResolvedConfig } from "../PipesClient"; + +/** + * @internal + */ +export interface PipesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PipesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PipesClientResolvedConfig, + HandlerExecutionContext, + PipesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPipesHttpAuthSchemeParametersProvider = async ( + config: PipesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PipesHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "pipes", + region: authParameters.region, + }, + propertiesExtractor: (config: PipesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PipesHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPipesHttpAuthSchemeProvider: PipesHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PipesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PipesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pipes/src/extensionConfiguration.ts b/clients/client-pipes/src/extensionConfiguration.ts index bab393f01dabc..56ae9677e95e4 100644 --- a/clients/client-pipes/src/extensionConfiguration.ts +++ b/clients/client-pipes/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PipesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pipes/src/runtimeConfig.shared.ts b/clients/client-pipes/src/runtimeConfig.shared.ts index 895284522db34..fa011965d34ba 100644 --- a/clients/client-pipes/src/runtimeConfig.shared.ts +++ b/clients/client-pipes/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPipesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PipesClientConfig } from "./PipesClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PipesClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPipesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pipes", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pipes/src/runtimeExtensions.ts b/clients/client-pipes/src/runtimeExtensions.ts index c89441e251d76..78d77f09e4dcc 100644 --- a/clients/client-pipes/src/runtimeExtensions.ts +++ b/clients/client-pipes/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PipesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-polly/package.json b/clients/client-polly/package.json index b70e77da2b153..b38a34d30675c 100644 --- a/clients/client-polly/package.json +++ b/clients/client-polly/package.json @@ -33,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,7 +52,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-pricing/package.json b/clients/client-pricing/package.json index 83fe22ee83227..9d3b083a58431 100644 --- a/clients/client-pricing/package.json +++ b/clients/client-pricing/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-pricing/src/PricingClient.ts b/clients/client-pricing/src/PricingClient.ts index 53a3104d9a7e4..449a320a87734 100644 --- a/clients/client-pricing/src/PricingClient.ts +++ b/clients/client-pricing/src/PricingClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPricingHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeServicesCommandInput, DescribeServicesCommandOutput } from "./commands/DescribeServicesCommand"; import { GetAttributeValuesCommandInput, GetAttributeValuesCommandOutput } from "./commands/GetAttributeValuesCommand"; import { @@ -174,21 +179,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -227,8 +233,8 @@ export type PricingClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -247,8 +253,8 @@ export type PricingClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export class PricingClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -317,8 +323,14 @@ export class PricingClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -329,4 +341,13 @@ export class PricingClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPricingHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PricingClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-pricing/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-pricing/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f8b1e5550d574 --- /dev/null +++ b/clients/client-pricing/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PricingHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PricingHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PricingHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PricingHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PricingHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PricingHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-pricing/src/auth/httpAuthSchemeProvider.ts b/clients/client-pricing/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6174242908305 --- /dev/null +++ b/clients/client-pricing/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PricingClientConfig, PricingClientResolvedConfig } from "../PricingClient"; + +/** + * @internal + */ +export interface PricingHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PricingHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PricingClientResolvedConfig, + HandlerExecutionContext, + PricingHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPricingHttpAuthSchemeParametersProvider = async ( + config: PricingClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PricingHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "pricing", + region: authParameters.region, + }, + propertiesExtractor: (config: PricingClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PricingHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPricingHttpAuthSchemeProvider: PricingHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PricingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PricingHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-pricing/src/extensionConfiguration.ts b/clients/client-pricing/src/extensionConfiguration.ts index d9720c796974c..caf5616064540 100644 --- a/clients/client-pricing/src/extensionConfiguration.ts +++ b/clients/client-pricing/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PricingExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-pricing/src/runtimeConfig.shared.ts b/clients/client-pricing/src/runtimeConfig.shared.ts index ab578f761240c..c9ff68a4a29ba 100644 --- a/clients/client-pricing/src/runtimeConfig.shared.ts +++ b/clients/client-pricing/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPricingHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PricingClientConfig } from "./PricingClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PricingClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPricingHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Pricing", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-pricing/src/runtimeExtensions.ts b/clients/client-pricing/src/runtimeExtensions.ts index 7e0488f497bfc..1015625ff9e83 100644 --- a/clients/client-pricing/src/runtimeExtensions.ts +++ b/clients/client-pricing/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PricingExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-privatenetworks/package.json b/clients/client-privatenetworks/package.json index f629e53c71182..6116f0beef9fd 100644 --- a/clients/client-privatenetworks/package.json +++ b/clients/client-privatenetworks/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-privatenetworks/src/PrivateNetworksClient.ts b/clients/client-privatenetworks/src/PrivateNetworksClient.ts index dc6df750978bf..0a50fdf1bb815 100644 --- a/clients/client-privatenetworks/src/PrivateNetworksClient.ts +++ b/clients/client-privatenetworks/src/PrivateNetworksClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultPrivateNetworksHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcknowledgeOrderReceiptCommandInput, AcknowledgeOrderReceiptCommandOutput, @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type PrivateNetworksClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type PrivateNetworksClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -375,8 +381,8 @@ export class PrivateNetworksClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -385,8 +391,14 @@ export class PrivateNetworksClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -397,4 +409,13 @@ export class PrivateNetworksClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultPrivateNetworksHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: PrivateNetworksClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-privatenetworks/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-privatenetworks/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d682990ea0b27 --- /dev/null +++ b/clients/client-privatenetworks/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { PrivateNetworksHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PrivateNetworksHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): PrivateNetworksHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: PrivateNetworksHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: PrivateNetworksHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): PrivateNetworksHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-privatenetworks/src/auth/httpAuthSchemeProvider.ts b/clients/client-privatenetworks/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..169d274eaa073 --- /dev/null +++ b/clients/client-privatenetworks/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { PrivateNetworksClientConfig, PrivateNetworksClientResolvedConfig } from "../PrivateNetworksClient"; + +/** + * @internal + */ +export interface PrivateNetworksHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface PrivateNetworksHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + PrivateNetworksClientResolvedConfig, + HandlerExecutionContext, + PrivateNetworksHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultPrivateNetworksHttpAuthSchemeParametersProvider = async ( + config: PrivateNetworksClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: PrivateNetworksHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "private-networks", + region: authParameters.region, + }, + propertiesExtractor: (config: PrivateNetworksClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface PrivateNetworksHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultPrivateNetworksHttpAuthSchemeProvider: PrivateNetworksHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: PrivateNetworksHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: PrivateNetworksHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-privatenetworks/src/extensionConfiguration.ts b/clients/client-privatenetworks/src/extensionConfiguration.ts index 11c0742c94173..3c9434b0fd4f9 100644 --- a/clients/client-privatenetworks/src/extensionConfiguration.ts +++ b/clients/client-privatenetworks/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface PrivateNetworksExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-privatenetworks/src/runtimeConfig.shared.ts b/clients/client-privatenetworks/src/runtimeConfig.shared.ts index ea26c57d33138..a8b284011d20f 100644 --- a/clients/client-privatenetworks/src/runtimeConfig.shared.ts +++ b/clients/client-privatenetworks/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultPrivateNetworksHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { PrivateNetworksClientConfig } from "./PrivateNetworksClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: PrivateNetworksClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultPrivateNetworksHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "PrivateNetworks", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-privatenetworks/src/runtimeExtensions.ts b/clients/client-privatenetworks/src/runtimeExtensions.ts index 5698a7583b75e..17cccefd3be5c 100644 --- a/clients/client-privatenetworks/src/runtimeExtensions.ts +++ b/clients/client-privatenetworks/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { PrivateNetworksExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-proton/package.json b/clients/client-proton/package.json index 62d9650786c93..f67c01d2d485c 100644 --- a/clients/client-proton/package.json +++ b/clients/client-proton/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-proton/src/ProtonClient.ts b/clients/client-proton/src/ProtonClient.ts index 951ea42c5ce93..a09de4af81d1d 100644 --- a/clients/client-proton/src/ProtonClient.ts +++ b/clients/client-proton/src/ProtonClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultProtonHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptEnvironmentAccountConnectionCommandInput, AcceptEnvironmentAccountConnectionCommandOutput, @@ -597,21 +602,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -650,8 +656,8 @@ export type ProtonClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -670,8 +676,8 @@ export type ProtonClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -830,8 +836,8 @@ export class ProtonClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -840,8 +846,14 @@ export class ProtonClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -852,4 +864,13 @@ export class ProtonClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultProtonHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ProtonClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-proton/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-proton/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..26ae6751640cd --- /dev/null +++ b/clients/client-proton/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ProtonHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ProtonHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ProtonHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ProtonHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ProtonHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ProtonHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-proton/src/auth/httpAuthSchemeProvider.ts b/clients/client-proton/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ea5fc02c71552 --- /dev/null +++ b/clients/client-proton/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ProtonClientConfig, ProtonClientResolvedConfig } from "../ProtonClient"; + +/** + * @internal + */ +export interface ProtonHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ProtonHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ProtonClientResolvedConfig, + HandlerExecutionContext, + ProtonHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultProtonHttpAuthSchemeParametersProvider = async ( + config: ProtonClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ProtonHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "proton", + region: authParameters.region, + }, + propertiesExtractor: (config: ProtonClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ProtonHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultProtonHttpAuthSchemeProvider: ProtonHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ProtonHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ProtonHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-proton/src/extensionConfiguration.ts b/clients/client-proton/src/extensionConfiguration.ts index 2f71d2eabe71a..dc77d6ee5c965 100644 --- a/clients/client-proton/src/extensionConfiguration.ts +++ b/clients/client-proton/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ProtonExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-proton/src/runtimeConfig.shared.ts b/clients/client-proton/src/runtimeConfig.shared.ts index efdb29f13051d..d59d1ae839139 100644 --- a/clients/client-proton/src/runtimeConfig.shared.ts +++ b/clients/client-proton/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultProtonHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ProtonClientConfig } from "./ProtonClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ProtonClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultProtonHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Proton", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-proton/src/runtimeExtensions.ts b/clients/client-proton/src/runtimeExtensions.ts index a02e6b6c5bb57..fa652e3551c34 100644 --- a/clients/client-proton/src/runtimeExtensions.ts +++ b/clients/client-proton/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ProtonExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-qbusiness/package.json b/clients/client-qbusiness/package.json index 706a0f16773be..df86b57bab8c8 100644 --- a/clients/client-qbusiness/package.json +++ b/clients/client-qbusiness/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-qbusiness/src/QBusinessClient.ts b/clients/client-qbusiness/src/QBusinessClient.ts index a67d4643afd60..bc9dcb7dd7c28 100644 --- a/clients/client-qbusiness/src/QBusinessClient.ts +++ b/clients/client-qbusiness/src/QBusinessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultQBusinessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDeleteDocumentCommandInput, BatchDeleteDocumentCommandOutput, @@ -354,21 +359,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -407,8 +413,8 @@ export type QBusinessClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export type QBusinessClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -460,8 +466,8 @@ export class QBusinessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -470,8 +476,14 @@ export class QBusinessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -482,4 +494,13 @@ export class QBusinessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultQBusinessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: QBusinessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-qbusiness/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-qbusiness/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e2f27f318c6d3 --- /dev/null +++ b/clients/client-qbusiness/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { QBusinessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QBusinessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): QBusinessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: QBusinessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QBusinessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): QBusinessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-qbusiness/src/auth/httpAuthSchemeProvider.ts b/clients/client-qbusiness/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..24e94804fbe76 --- /dev/null +++ b/clients/client-qbusiness/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { QBusinessClientConfig, QBusinessClientResolvedConfig } from "../QBusinessClient"; + +/** + * @internal + */ +export interface QBusinessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface QBusinessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + QBusinessClientResolvedConfig, + HandlerExecutionContext, + QBusinessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultQBusinessHttpAuthSchemeParametersProvider = async ( + config: QBusinessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: QBusinessHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "qbusiness", + region: authParameters.region, + }, + propertiesExtractor: (config: QBusinessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface QBusinessHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultQBusinessHttpAuthSchemeProvider: QBusinessHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: QBusinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: QBusinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-qbusiness/src/extensionConfiguration.ts b/clients/client-qbusiness/src/extensionConfiguration.ts index 4d2b3e95d6324..a8aaeb95eacd2 100644 --- a/clients/client-qbusiness/src/extensionConfiguration.ts +++ b/clients/client-qbusiness/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface QBusinessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-qbusiness/src/runtimeConfig.shared.ts b/clients/client-qbusiness/src/runtimeConfig.shared.ts index b3cffa926bd4a..495d21c36162e 100644 --- a/clients/client-qbusiness/src/runtimeConfig.shared.ts +++ b/clients/client-qbusiness/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultQBusinessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { QBusinessClientConfig } from "./QBusinessClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: QBusinessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultQBusinessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "QBusiness", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-qbusiness/src/runtimeExtensions.ts b/clients/client-qbusiness/src/runtimeExtensions.ts index c014c07da8340..207200c85735a 100644 --- a/clients/client-qbusiness/src/runtimeExtensions.ts +++ b/clients/client-qbusiness/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { QBusinessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-qconnect/package.json b/clients/client-qconnect/package.json index e77d3e0865e8f..6250f6051bf8d 100644 --- a/clients/client-qconnect/package.json +++ b/clients/client-qconnect/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-qconnect/src/QConnectClient.ts b/clients/client-qconnect/src/QConnectClient.ts index 3ed4f119ff3dc..e9ebf3aeb0900 100644 --- a/clients/client-qconnect/src/QConnectClient.ts +++ b/clients/client-qconnect/src/QConnectClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultQConnectHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAssistantAssociationCommandInput, CreateAssistantAssociationCommandOutput, @@ -324,21 +329,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -377,8 +383,8 @@ export type QConnectClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -397,8 +403,8 @@ export type QConnectClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -448,8 +454,8 @@ export class QConnectClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -458,8 +464,14 @@ export class QConnectClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -470,4 +482,13 @@ export class QConnectClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultQConnectHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: QConnectClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-qconnect/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-qconnect/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1d2a147bab4dd --- /dev/null +++ b/clients/client-qconnect/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { QConnectHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QConnectHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): QConnectHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: QConnectHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QConnectHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): QConnectHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-qconnect/src/auth/httpAuthSchemeProvider.ts b/clients/client-qconnect/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..571a677acbd48 --- /dev/null +++ b/clients/client-qconnect/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { QConnectClientConfig, QConnectClientResolvedConfig } from "../QConnectClient"; + +/** + * @internal + */ +export interface QConnectHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface QConnectHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + QConnectClientResolvedConfig, + HandlerExecutionContext, + QConnectHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultQConnectHttpAuthSchemeParametersProvider = async ( + config: QConnectClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: QConnectHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "wisdom", + region: authParameters.region, + }, + propertiesExtractor: (config: QConnectClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface QConnectHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultQConnectHttpAuthSchemeProvider: QConnectHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: QConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: QConnectHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-qconnect/src/extensionConfiguration.ts b/clients/client-qconnect/src/extensionConfiguration.ts index cb9cf8a647f69..307fbcdd72542 100644 --- a/clients/client-qconnect/src/extensionConfiguration.ts +++ b/clients/client-qconnect/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface QConnectExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-qconnect/src/runtimeConfig.shared.ts b/clients/client-qconnect/src/runtimeConfig.shared.ts index 6fb5ad5c2c13b..b868c8032bf6d 100644 --- a/clients/client-qconnect/src/runtimeConfig.shared.ts +++ b/clients/client-qconnect/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultQConnectHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { QConnectClientConfig } from "./QConnectClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: QConnectClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultQConnectHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "QConnect", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-qconnect/src/runtimeExtensions.ts b/clients/client-qconnect/src/runtimeExtensions.ts index d38aa2d36fa5d..d35a8504f7c0f 100644 --- a/clients/client-qconnect/src/runtimeExtensions.ts +++ b/clients/client-qconnect/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { QConnectExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-qldb-session/package.json b/clients/client-qldb-session/package.json index 2369f0da410af..77ad6193e1bb8 100644 --- a/clients/client-qldb-session/package.json +++ b/clients/client-qldb-session/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-qldb-session/src/QLDBSessionClient.ts b/clients/client-qldb-session/src/QLDBSessionClient.ts index 1ba5095f75373..5f04e48dbc057 100644 --- a/clients/client-qldb-session/src/QLDBSessionClient.ts +++ b/clients/client-qldb-session/src/QLDBSessionClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultQLDBSessionHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { SendCommandCommandInput, SendCommandCommandOutput } from "./commands/SendCommandCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type QLDBSessionClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type QLDBSessionClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -282,8 +288,8 @@ export class QLDBSessionClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -292,8 +298,14 @@ export class QLDBSessionClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -304,4 +316,13 @@ export class QLDBSessionClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultQLDBSessionHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: QLDBSessionClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-qldb-session/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-qldb-session/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..da7ccfe85c2e2 --- /dev/null +++ b/clients/client-qldb-session/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { QLDBSessionHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QLDBSessionHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): QLDBSessionHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: QLDBSessionHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QLDBSessionHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): QLDBSessionHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-qldb-session/src/auth/httpAuthSchemeProvider.ts b/clients/client-qldb-session/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f4b97eefe3593 --- /dev/null +++ b/clients/client-qldb-session/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { QLDBSessionClientConfig, QLDBSessionClientResolvedConfig } from "../QLDBSessionClient"; + +/** + * @internal + */ +export interface QLDBSessionHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface QLDBSessionHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + QLDBSessionClientResolvedConfig, + HandlerExecutionContext, + QLDBSessionHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultQLDBSessionHttpAuthSchemeParametersProvider = async ( + config: QLDBSessionClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: QLDBSessionHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "qldb", + region: authParameters.region, + }, + propertiesExtractor: (config: QLDBSessionClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface QLDBSessionHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultQLDBSessionHttpAuthSchemeProvider: QLDBSessionHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: QLDBSessionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: QLDBSessionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-qldb-session/src/extensionConfiguration.ts b/clients/client-qldb-session/src/extensionConfiguration.ts index cf220aa4dd6e0..2730bb745db2a 100644 --- a/clients/client-qldb-session/src/extensionConfiguration.ts +++ b/clients/client-qldb-session/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface QLDBSessionExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-qldb-session/src/runtimeConfig.shared.ts b/clients/client-qldb-session/src/runtimeConfig.shared.ts index 7b680bb7552f3..bbeeb5578bacf 100644 --- a/clients/client-qldb-session/src/runtimeConfig.shared.ts +++ b/clients/client-qldb-session/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultQLDBSessionHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { QLDBSessionClientConfig } from "./QLDBSessionClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: QLDBSessionClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultQLDBSessionHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "QLDB Session", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-qldb-session/src/runtimeExtensions.ts b/clients/client-qldb-session/src/runtimeExtensions.ts index 0ab25ed5aa26c..66d90f8146365 100644 --- a/clients/client-qldb-session/src/runtimeExtensions.ts +++ b/clients/client-qldb-session/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { QLDBSessionExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-qldb/package.json b/clients/client-qldb/package.json index ab0ae6f04a876..e4bfc1c497151 100644 --- a/clients/client-qldb/package.json +++ b/clients/client-qldb/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-qldb/src/QLDBClient.ts b/clients/client-qldb/src/QLDBClient.ts index 20141c0ba5b9f..3619723aa6f14 100644 --- a/clients/client-qldb/src/QLDBClient.ts +++ b/clients/client-qldb/src/QLDBClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultQLDBHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelJournalKinesisStreamCommandInput, CancelJournalKinesisStreamCommandOutput, @@ -243,21 +248,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -296,8 +302,8 @@ export type QLDBClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -316,8 +322,8 @@ export type QLDBClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -348,8 +354,8 @@ export class QLDBClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -358,8 +364,14 @@ export class QLDBClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -370,4 +382,13 @@ export class QLDBClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultQLDBHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: QLDBClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-qldb/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-qldb/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..8f2d5f73b5f45 --- /dev/null +++ b/clients/client-qldb/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { QLDBHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QLDBHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): QLDBHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: QLDBHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QLDBHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): QLDBHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-qldb/src/auth/httpAuthSchemeProvider.ts b/clients/client-qldb/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d0561c4953e18 --- /dev/null +++ b/clients/client-qldb/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { QLDBClientConfig, QLDBClientResolvedConfig } from "../QLDBClient"; + +/** + * @internal + */ +export interface QLDBHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface QLDBHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + QLDBClientResolvedConfig, + HandlerExecutionContext, + QLDBHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultQLDBHttpAuthSchemeParametersProvider = async ( + config: QLDBClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: QLDBHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "qldb", + region: authParameters.region, + }, + propertiesExtractor: (config: QLDBClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface QLDBHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultQLDBHttpAuthSchemeProvider: QLDBHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: QLDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: QLDBHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-qldb/src/extensionConfiguration.ts b/clients/client-qldb/src/extensionConfiguration.ts index c7f4c4588fedd..b7de748e90206 100644 --- a/clients/client-qldb/src/extensionConfiguration.ts +++ b/clients/client-qldb/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface QLDBExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-qldb/src/runtimeConfig.shared.ts b/clients/client-qldb/src/runtimeConfig.shared.ts index 0d2d53e1cec31..a7727c7a371c2 100644 --- a/clients/client-qldb/src/runtimeConfig.shared.ts +++ b/clients/client-qldb/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultQLDBHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { QLDBClientConfig } from "./QLDBClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: QLDBClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultQLDBHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "QLDB", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-qldb/src/runtimeExtensions.ts b/clients/client-qldb/src/runtimeExtensions.ts index 0cc84bbae8ba0..cc9624620c7bd 100644 --- a/clients/client-qldb/src/runtimeExtensions.ts +++ b/clients/client-qldb/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { QLDBExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-quicksight/package.json b/clients/client-quicksight/package.json index 76f672e1e47fe..1e58db5d29346 100644 --- a/clients/client-quicksight/package.json +++ b/clients/client-quicksight/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-quicksight/src/QuickSightClient.ts b/clients/client-quicksight/src/QuickSightClient.ts index e9d485fc1f9a6..ddd07d59a6a49 100644 --- a/clients/client-quicksight/src/QuickSightClient.ts +++ b/clients/client-quicksight/src/QuickSightClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultQuickSightHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelIngestionCommandInput, CancelIngestionCommandOutput } from "./commands/CancelIngestionCommand"; import { CreateAccountCustomizationCommandInput, @@ -951,21 +956,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1004,8 +1010,8 @@ export type QuickSightClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1024,8 +1030,8 @@ export type QuickSightClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1060,8 +1066,8 @@ export class QuickSightClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1070,8 +1076,14 @@ export class QuickSightClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1082,4 +1094,13 @@ export class QuickSightClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultQuickSightHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: QuickSightClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-quicksight/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-quicksight/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6b60798deae9b --- /dev/null +++ b/clients/client-quicksight/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { QuickSightHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QuickSightHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): QuickSightHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: QuickSightHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: QuickSightHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): QuickSightHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-quicksight/src/auth/httpAuthSchemeProvider.ts b/clients/client-quicksight/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..8a664b873b90e --- /dev/null +++ b/clients/client-quicksight/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { QuickSightClientConfig, QuickSightClientResolvedConfig } from "../QuickSightClient"; + +/** + * @internal + */ +export interface QuickSightHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface QuickSightHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + QuickSightClientResolvedConfig, + HandlerExecutionContext, + QuickSightHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultQuickSightHttpAuthSchemeParametersProvider = async ( + config: QuickSightClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: QuickSightHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "quicksight", + region: authParameters.region, + }, + propertiesExtractor: (config: QuickSightClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface QuickSightHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultQuickSightHttpAuthSchemeProvider: QuickSightHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: QuickSightHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: QuickSightHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-quicksight/src/extensionConfiguration.ts b/clients/client-quicksight/src/extensionConfiguration.ts index 154f21423635b..5d5c7873bfd78 100644 --- a/clients/client-quicksight/src/extensionConfiguration.ts +++ b/clients/client-quicksight/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface QuickSightExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-quicksight/src/runtimeConfig.shared.ts b/clients/client-quicksight/src/runtimeConfig.shared.ts index d08233480b1d5..c896cbc4efc67 100644 --- a/clients/client-quicksight/src/runtimeConfig.shared.ts +++ b/clients/client-quicksight/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultQuickSightHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { QuickSightClientConfig } from "./QuickSightClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: QuickSightClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultQuickSightHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "QuickSight", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-quicksight/src/runtimeExtensions.ts b/clients/client-quicksight/src/runtimeExtensions.ts index c6410cbc83131..28e88d427c879 100644 --- a/clients/client-quicksight/src/runtimeExtensions.ts +++ b/clients/client-quicksight/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { QuickSightExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ram/package.json b/clients/client-ram/package.json index 7abc2bf536f56..3d2edca44d2db 100644 --- a/clients/client-ram/package.json +++ b/clients/client-ram/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ram/src/RAMClient.ts b/clients/client-ram/src/RAMClient.ts index cda20eb22599b..80cf9e6769cc5 100644 --- a/clients/client-ram/src/RAMClient.ts +++ b/clients/client-ram/src/RAMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRAMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptResourceShareInvitationCommandInput, AcceptResourceShareInvitationCommandOutput, @@ -330,21 +335,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -383,8 +389,8 @@ export type RAMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -403,8 +409,8 @@ export type RAMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -454,8 +460,8 @@ export class RAMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -464,8 +470,14 @@ export class RAMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -476,4 +488,13 @@ export class RAMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRAMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RAMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ram/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ram/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9d60277107917 --- /dev/null +++ b/clients/client-ram/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RAMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RAMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RAMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RAMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RAMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RAMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ram/src/auth/httpAuthSchemeProvider.ts b/clients/client-ram/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..848ee1463470e --- /dev/null +++ b/clients/client-ram/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RAMClientConfig, RAMClientResolvedConfig } from "../RAMClient"; + +/** + * @internal + */ +export interface RAMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RAMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RAMClientResolvedConfig, + HandlerExecutionContext, + RAMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRAMHttpAuthSchemeParametersProvider = async ( + config: RAMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RAMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ram", + region: authParameters.region, + }, + propertiesExtractor: (config: RAMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RAMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRAMHttpAuthSchemeProvider: RAMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RAMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ram/src/extensionConfiguration.ts b/clients/client-ram/src/extensionConfiguration.ts index dd5a5b6f8d910..791501f9941b3 100644 --- a/clients/client-ram/src/extensionConfiguration.ts +++ b/clients/client-ram/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RAMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ram/src/runtimeConfig.shared.ts b/clients/client-ram/src/runtimeConfig.shared.ts index 234e50c0c62c1..10fe023d951d3 100644 --- a/clients/client-ram/src/runtimeConfig.shared.ts +++ b/clients/client-ram/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRAMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RAMClientConfig } from "./RAMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RAMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRAMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "RAM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ram/src/runtimeExtensions.ts b/clients/client-ram/src/runtimeExtensions.ts index c70ac2cdef118..9ba7433477e0b 100644 --- a/clients/client-ram/src/runtimeExtensions.ts +++ b/clients/client-ram/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RAMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rbin/package.json b/clients/client-rbin/package.json index a2c0332346622..707a6781d7c70 100644 --- a/clients/client-rbin/package.json +++ b/clients/client-rbin/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-rbin/src/RbinClient.ts b/clients/client-rbin/src/RbinClient.ts index f2facd7105c5b..6b09593e9b5e4 100644 --- a/clients/client-rbin/src/RbinClient.ts +++ b/clients/client-rbin/src/RbinClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRbinHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateRuleCommandInput, CreateRuleCommandOutput } from "./commands/CreateRuleCommand"; import { DeleteRuleCommandInput, DeleteRuleCommandOutput } from "./commands/DeleteRuleCommand"; import { GetRuleCommandInput, GetRuleCommandOutput } from "./commands/GetRuleCommand"; @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type RbinClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type RbinClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -305,8 +311,8 @@ export class RbinClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -315,8 +321,14 @@ export class RbinClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -327,4 +339,13 @@ export class RbinClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRbinHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RbinClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-rbin/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-rbin/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..aacbf9552ca43 --- /dev/null +++ b/clients/client-rbin/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RbinHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RbinHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RbinHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RbinHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RbinHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RbinHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-rbin/src/auth/httpAuthSchemeProvider.ts b/clients/client-rbin/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..33a6f3365b6b9 --- /dev/null +++ b/clients/client-rbin/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RbinClientConfig, RbinClientResolvedConfig } from "../RbinClient"; + +/** + * @internal + */ +export interface RbinHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RbinHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RbinClientResolvedConfig, + HandlerExecutionContext, + RbinHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRbinHttpAuthSchemeParametersProvider = async ( + config: RbinClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RbinHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rbin", + region: authParameters.region, + }, + propertiesExtractor: (config: RbinClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RbinHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRbinHttpAuthSchemeProvider: RbinHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RbinHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RbinHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-rbin/src/extensionConfiguration.ts b/clients/client-rbin/src/extensionConfiguration.ts index cbaa7f817782e..e66fa3c8d106a 100644 --- a/clients/client-rbin/src/extensionConfiguration.ts +++ b/clients/client-rbin/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RbinExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-rbin/src/runtimeConfig.shared.ts b/clients/client-rbin/src/runtimeConfig.shared.ts index 6d346188ca917..3271a062690a3 100644 --- a/clients/client-rbin/src/runtimeConfig.shared.ts +++ b/clients/client-rbin/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRbinHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RbinClientConfig } from "./RbinClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RbinClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRbinHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "rbin", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-rbin/src/runtimeExtensions.ts b/clients/client-rbin/src/runtimeExtensions.ts index 13df4f1438830..946cbffa95467 100644 --- a/clients/client-rbin/src/runtimeExtensions.ts +++ b/clients/client-rbin/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RbinExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rds-data/package.json b/clients/client-rds-data/package.json index 3487ca7cafd57..e8f50d01139d4 100644 --- a/clients/client-rds-data/package.json +++ b/clients/client-rds-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-rds-data/src/RDSDataClient.ts b/clients/client-rds-data/src/RDSDataClient.ts index 19778781ee459..fee3b7343f292 100644 --- a/clients/client-rds-data/src/RDSDataClient.ts +++ b/clients/client-rds-data/src/RDSDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRDSDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchExecuteStatementCommandInput, BatchExecuteStatementCommandOutput, @@ -180,21 +185,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -233,8 +239,8 @@ export type RDSDataClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -253,8 +259,8 @@ export type RDSDataClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -299,8 +305,8 @@ export class RDSDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -309,8 +315,14 @@ export class RDSDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -321,4 +333,13 @@ export class RDSDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRDSDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RDSDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-rds-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-rds-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ed995c6cb2bea --- /dev/null +++ b/clients/client-rds-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RDSDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RDSDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RDSDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RDSDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RDSDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RDSDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-rds-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-rds-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..74f8a1c5f5947 --- /dev/null +++ b/clients/client-rds-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RDSDataClientConfig, RDSDataClientResolvedConfig } from "../RDSDataClient"; + +/** + * @internal + */ +export interface RDSDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RDSDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RDSDataClientResolvedConfig, + HandlerExecutionContext, + RDSDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRDSDataHttpAuthSchemeParametersProvider = async ( + config: RDSDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RDSDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rds-data", + region: authParameters.region, + }, + propertiesExtractor: (config: RDSDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RDSDataHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRDSDataHttpAuthSchemeProvider: RDSDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RDSDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RDSDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-rds-data/src/extensionConfiguration.ts b/clients/client-rds-data/src/extensionConfiguration.ts index 49098419842ca..fb48cbb9d965d 100644 --- a/clients/client-rds-data/src/extensionConfiguration.ts +++ b/clients/client-rds-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RDSDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-rds-data/src/runtimeConfig.shared.ts b/clients/client-rds-data/src/runtimeConfig.shared.ts index a1e840f66470b..08d3664946b62 100644 --- a/clients/client-rds-data/src/runtimeConfig.shared.ts +++ b/clients/client-rds-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRDSDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RDSDataClientConfig } from "./RDSDataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RDSDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRDSDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "RDS Data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-rds-data/src/runtimeExtensions.ts b/clients/client-rds-data/src/runtimeExtensions.ts index 05980b6bc80d2..559f2e819506a 100644 --- a/clients/client-rds-data/src/runtimeExtensions.ts +++ b/clients/client-rds-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RDSDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rds/package.json b/clients/client-rds/package.json index 88771d6f6f8d7..4003a5da0837c 100644 --- a/clients/client-rds/package.json +++ b/clients/client-rds/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-redshift-data/package.json b/clients/client-redshift-data/package.json index 1c93935e5d1d4..789466e6e39af 100644 --- a/clients/client-redshift-data/package.json +++ b/clients/client-redshift-data/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-redshift-data/src/RedshiftDataClient.ts b/clients/client-redshift-data/src/RedshiftDataClient.ts index e123d2b5f584c..847d15112a4d4 100644 --- a/clients/client-redshift-data/src/RedshiftDataClient.ts +++ b/clients/client-redshift-data/src/RedshiftDataClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRedshiftDataHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchExecuteStatementCommandInput, BatchExecuteStatementCommandOutput, @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type RedshiftDataClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type RedshiftDataClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -298,8 +304,8 @@ export class RedshiftDataClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -308,8 +314,14 @@ export class RedshiftDataClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -320,4 +332,13 @@ export class RedshiftDataClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRedshiftDataHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RedshiftDataClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-redshift-data/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-redshift-data/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..963c7a62a9fc8 --- /dev/null +++ b/clients/client-redshift-data/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RedshiftDataHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftDataHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RedshiftDataHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RedshiftDataHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftDataHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RedshiftDataHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-redshift-data/src/auth/httpAuthSchemeProvider.ts b/clients/client-redshift-data/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dc8ba80daaed1 --- /dev/null +++ b/clients/client-redshift-data/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RedshiftDataClientConfig, RedshiftDataClientResolvedConfig } from "../RedshiftDataClient"; + +/** + * @internal + */ +export interface RedshiftDataHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RedshiftDataHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RedshiftDataClientResolvedConfig, + HandlerExecutionContext, + RedshiftDataHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRedshiftDataHttpAuthSchemeParametersProvider = async ( + config: RedshiftDataClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RedshiftDataHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "redshift-data", + region: authParameters.region, + }, + propertiesExtractor: (config: RedshiftDataClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RedshiftDataHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRedshiftDataHttpAuthSchemeProvider: RedshiftDataHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RedshiftDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RedshiftDataHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-redshift-data/src/extensionConfiguration.ts b/clients/client-redshift-data/src/extensionConfiguration.ts index e1a9b09c6d1f4..825e7e75e6033 100644 --- a/clients/client-redshift-data/src/extensionConfiguration.ts +++ b/clients/client-redshift-data/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RedshiftDataExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-redshift-data/src/runtimeConfig.shared.ts b/clients/client-redshift-data/src/runtimeConfig.shared.ts index 40e1dc486b738..3106af9142cea 100644 --- a/clients/client-redshift-data/src/runtimeConfig.shared.ts +++ b/clients/client-redshift-data/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRedshiftDataHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RedshiftDataClientConfig } from "./RedshiftDataClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RedshiftDataClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRedshiftDataHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Redshift Data", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-redshift-data/src/runtimeExtensions.ts b/clients/client-redshift-data/src/runtimeExtensions.ts index 5a9282fc36510..c1009875de2fe 100644 --- a/clients/client-redshift-data/src/runtimeExtensions.ts +++ b/clients/client-redshift-data/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RedshiftDataExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-redshift-serverless/package.json b/clients/client-redshift-serverless/package.json index 495f68b77e67b..2de80b370269a 100644 --- a/clients/client-redshift-serverless/package.json +++ b/clients/client-redshift-serverless/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-redshift-serverless/src/RedshiftServerlessClient.ts b/clients/client-redshift-serverless/src/RedshiftServerlessClient.ts index 07cfa66f5b7d4..f17487321fb80 100644 --- a/clients/client-redshift-serverless/src/RedshiftServerlessClient.ts +++ b/clients/client-redshift-serverless/src/RedshiftServerlessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRedshiftServerlessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ConvertRecoveryPointToSnapshotCommandInput, ConvertRecoveryPointToSnapshotCommandOutput, @@ -396,21 +401,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -449,8 +455,8 @@ export type RedshiftServerlessClientConfigType = Partial<__SmithyConfiguration<_ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -469,8 +475,8 @@ export type RedshiftServerlessClientResolvedConfigType = __SmithyResolvedConfigu EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -512,8 +518,8 @@ export class RedshiftServerlessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -522,8 +528,14 @@ export class RedshiftServerlessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -534,4 +546,13 @@ export class RedshiftServerlessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRedshiftServerlessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RedshiftServerlessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-redshift-serverless/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-redshift-serverless/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e725155350fcc --- /dev/null +++ b/clients/client-redshift-serverless/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RedshiftServerlessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftServerlessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RedshiftServerlessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RedshiftServerlessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftServerlessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RedshiftServerlessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-redshift-serverless/src/auth/httpAuthSchemeProvider.ts b/clients/client-redshift-serverless/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b763bef0e8239 --- /dev/null +++ b/clients/client-redshift-serverless/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RedshiftServerlessClientConfig, RedshiftServerlessClientResolvedConfig } from "../RedshiftServerlessClient"; + +/** + * @internal + */ +export interface RedshiftServerlessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RedshiftServerlessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RedshiftServerlessClientResolvedConfig, + HandlerExecutionContext, + RedshiftServerlessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRedshiftServerlessHttpAuthSchemeParametersProvider = async ( + config: RedshiftServerlessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RedshiftServerlessHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "redshift-serverless", + region: authParameters.region, + }, + propertiesExtractor: (config: RedshiftServerlessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RedshiftServerlessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRedshiftServerlessHttpAuthSchemeProvider: RedshiftServerlessHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RedshiftServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RedshiftServerlessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-redshift-serverless/src/extensionConfiguration.ts b/clients/client-redshift-serverless/src/extensionConfiguration.ts index ead7e7dcc66f8..8ad556af1ca24 100644 --- a/clients/client-redshift-serverless/src/extensionConfiguration.ts +++ b/clients/client-redshift-serverless/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RedshiftServerlessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-redshift-serverless/src/runtimeConfig.shared.ts b/clients/client-redshift-serverless/src/runtimeConfig.shared.ts index 167ee997c4331..6115182ad3d73 100644 --- a/clients/client-redshift-serverless/src/runtimeConfig.shared.ts +++ b/clients/client-redshift-serverless/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRedshiftServerlessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RedshiftServerlessClientConfig } from "./RedshiftServerlessClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RedshiftServerlessClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRedshiftServerlessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Redshift Serverless", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-redshift-serverless/src/runtimeExtensions.ts b/clients/client-redshift-serverless/src/runtimeExtensions.ts index 398021334de01..102b9e2b7f7df 100644 --- a/clients/client-redshift-serverless/src/runtimeExtensions.ts +++ b/clients/client-redshift-serverless/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RedshiftServerlessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-redshift/package.json b/clients/client-redshift/package.json index 3cf3c631e256b..b2fce0769ee7a 100644 --- a/clients/client-redshift/package.json +++ b/clients/client-redshift/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-redshift/src/RedshiftClient.ts b/clients/client-redshift/src/RedshiftClient.ts index 8d13b83e0b841..7c3ec8b24dbbc 100644 --- a/clients/client-redshift/src/RedshiftClient.ts +++ b/clients/client-redshift/src/RedshiftClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRedshiftHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptReservedNodeExchangeCommandInput, AcceptReservedNodeExchangeCommandOutput, @@ -867,21 +872,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -920,8 +926,8 @@ export type RedshiftClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -940,8 +946,8 @@ export type RedshiftClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -992,8 +998,8 @@ export class RedshiftClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1002,8 +1008,14 @@ export class RedshiftClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1014,4 +1026,13 @@ export class RedshiftClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRedshiftHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RedshiftClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-redshift/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-redshift/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..019c550111d9a --- /dev/null +++ b/clients/client-redshift/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RedshiftHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RedshiftHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RedshiftHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RedshiftHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RedshiftHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-redshift/src/auth/httpAuthSchemeProvider.ts b/clients/client-redshift/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e431527c89718 --- /dev/null +++ b/clients/client-redshift/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RedshiftClientConfig, RedshiftClientResolvedConfig } from "../RedshiftClient"; + +/** + * @internal + */ +export interface RedshiftHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RedshiftHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RedshiftClientResolvedConfig, + HandlerExecutionContext, + RedshiftHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRedshiftHttpAuthSchemeParametersProvider = async ( + config: RedshiftClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RedshiftHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "redshift", + region: authParameters.region, + }, + propertiesExtractor: (config: RedshiftClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RedshiftHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRedshiftHttpAuthSchemeProvider: RedshiftHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RedshiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RedshiftHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-redshift/src/extensionConfiguration.ts b/clients/client-redshift/src/extensionConfiguration.ts index 6c5d25840ab51..d41e7124e14eb 100644 --- a/clients/client-redshift/src/extensionConfiguration.ts +++ b/clients/client-redshift/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RedshiftExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-redshift/src/runtimeConfig.shared.ts b/clients/client-redshift/src/runtimeConfig.shared.ts index ee5b436716364..17237410215d4 100644 --- a/clients/client-redshift/src/runtimeConfig.shared.ts +++ b/clients/client-redshift/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRedshiftHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RedshiftClientConfig } from "./RedshiftClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RedshiftClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRedshiftHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Redshift", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-redshift/src/runtimeExtensions.ts b/clients/client-redshift/src/runtimeExtensions.ts index d8e6815d4730d..bbc305c2e1e8e 100644 --- a/clients/client-redshift/src/runtimeExtensions.ts +++ b/clients/client-redshift/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RedshiftExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rekognition/package.json b/clients/client-rekognition/package.json index ef96fd5d0f733..54a2ac4b7a18c 100644 --- a/clients/client-rekognition/package.json +++ b/clients/client-rekognition/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-rekognition/src/RekognitionClient.ts b/clients/client-rekognition/src/RekognitionClient.ts index 0fff1379bc9c1..feeaa369b8484 100644 --- a/clients/client-rekognition/src/RekognitionClient.ts +++ b/clients/client-rekognition/src/RekognitionClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRekognitionHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateFacesCommandInput, AssociateFacesCommandOutput } from "./commands/AssociateFacesCommand"; import { CompareFacesCommandInput, CompareFacesCommandOutput } from "./commands/CompareFacesCommand"; import { CopyProjectVersionCommandInput, CopyProjectVersionCommandOutput } from "./commands/CopyProjectVersionCommand"; @@ -477,21 +482,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -530,8 +536,8 @@ export type RekognitionClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -550,8 +556,8 @@ export type RekognitionClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -955,8 +961,8 @@ export class RekognitionClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -965,8 +971,14 @@ export class RekognitionClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -977,4 +989,13 @@ export class RekognitionClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRekognitionHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RekognitionClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-rekognition/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-rekognition/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1395e01aff953 --- /dev/null +++ b/clients/client-rekognition/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RekognitionHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RekognitionHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RekognitionHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RekognitionHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RekognitionHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RekognitionHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-rekognition/src/auth/httpAuthSchemeProvider.ts b/clients/client-rekognition/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0d5e54f727127 --- /dev/null +++ b/clients/client-rekognition/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RekognitionClientConfig, RekognitionClientResolvedConfig } from "../RekognitionClient"; + +/** + * @internal + */ +export interface RekognitionHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RekognitionHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RekognitionClientResolvedConfig, + HandlerExecutionContext, + RekognitionHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRekognitionHttpAuthSchemeParametersProvider = async ( + config: RekognitionClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RekognitionHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rekognition", + region: authParameters.region, + }, + propertiesExtractor: (config: RekognitionClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RekognitionHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRekognitionHttpAuthSchemeProvider: RekognitionHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RekognitionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RekognitionHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-rekognition/src/extensionConfiguration.ts b/clients/client-rekognition/src/extensionConfiguration.ts index d0fb34d843085..d4ff89464191f 100644 --- a/clients/client-rekognition/src/extensionConfiguration.ts +++ b/clients/client-rekognition/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RekognitionExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-rekognition/src/runtimeConfig.shared.ts b/clients/client-rekognition/src/runtimeConfig.shared.ts index d65f3ac6d5361..0dc0c55ecb1a6 100644 --- a/clients/client-rekognition/src/runtimeConfig.shared.ts +++ b/clients/client-rekognition/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRekognitionHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RekognitionClientConfig } from "./RekognitionClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RekognitionClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRekognitionHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Rekognition", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-rekognition/src/runtimeExtensions.ts b/clients/client-rekognition/src/runtimeExtensions.ts index 648aa39630db3..f91db2e6cbd5e 100644 --- a/clients/client-rekognition/src/runtimeExtensions.ts +++ b/clients/client-rekognition/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RekognitionExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rekognitionstreaming/package.json b/clients/client-rekognitionstreaming/package.json index 8bf8aecba2c8c..e95d1ffd29523 100644 --- a/clients/client-rekognitionstreaming/package.json +++ b/clients/client-rekognitionstreaming/package.json @@ -37,7 +37,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -59,7 +59,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-repostspace/package.json b/clients/client-repostspace/package.json index 7506363fe6a04..980167bba4119 100644 --- a/clients/client-repostspace/package.json +++ b/clients/client-repostspace/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-repostspace/src/RepostspaceClient.ts b/clients/client-repostspace/src/RepostspaceClient.ts index becbb69693d69..b15d08b0cbc2b 100644 --- a/clients/client-repostspace/src/RepostspaceClient.ts +++ b/clients/client-repostspace/src/RepostspaceClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRepostspaceHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSpaceCommandInput, CreateSpaceCommandOutput } from "./commands/CreateSpaceCommand"; import { DeleteSpaceCommandInput, DeleteSpaceCommandOutput } from "./commands/DeleteSpaceCommand"; import { DeregisterAdminCommandInput, DeregisterAdminCommandOutput } from "./commands/DeregisterAdminCommand"; @@ -192,21 +197,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -245,8 +251,8 @@ export type RepostspaceClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -265,8 +271,8 @@ export type RepostspaceClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -297,8 +303,8 @@ export class RepostspaceClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -307,8 +313,14 @@ export class RepostspaceClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -319,4 +331,13 @@ export class RepostspaceClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRepostspaceHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RepostspaceClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-repostspace/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-repostspace/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..eb072f3577930 --- /dev/null +++ b/clients/client-repostspace/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RepostspaceHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RepostspaceHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RepostspaceHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RepostspaceHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RepostspaceHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RepostspaceHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-repostspace/src/auth/httpAuthSchemeProvider.ts b/clients/client-repostspace/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..10626339d300f --- /dev/null +++ b/clients/client-repostspace/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RepostspaceClientConfig, RepostspaceClientResolvedConfig } from "../RepostspaceClient"; + +/** + * @internal + */ +export interface RepostspaceHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RepostspaceHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RepostspaceClientResolvedConfig, + HandlerExecutionContext, + RepostspaceHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRepostspaceHttpAuthSchemeParametersProvider = async ( + config: RepostspaceClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RepostspaceHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "repostspace", + region: authParameters.region, + }, + propertiesExtractor: (config: RepostspaceClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RepostspaceHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRepostspaceHttpAuthSchemeProvider: RepostspaceHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RepostspaceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RepostspaceHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-repostspace/src/extensionConfiguration.ts b/clients/client-repostspace/src/extensionConfiguration.ts index e9dd7ff58e7d9..cfc2a6349a02d 100644 --- a/clients/client-repostspace/src/extensionConfiguration.ts +++ b/clients/client-repostspace/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RepostspaceExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-repostspace/src/runtimeConfig.shared.ts b/clients/client-repostspace/src/runtimeConfig.shared.ts index cf4ad97d92868..581a6ab8fd9de 100644 --- a/clients/client-repostspace/src/runtimeConfig.shared.ts +++ b/clients/client-repostspace/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRepostspaceHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RepostspaceClientConfig } from "./RepostspaceClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RepostspaceClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRepostspaceHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "repostspace", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-repostspace/src/runtimeExtensions.ts b/clients/client-repostspace/src/runtimeExtensions.ts index 5fd30cce5515a..0986187565b83 100644 --- a/clients/client-repostspace/src/runtimeExtensions.ts +++ b/clients/client-repostspace/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RepostspaceExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-resiliencehub/package.json b/clients/client-resiliencehub/package.json index 4ae656ba94f51..c786e2b2a26b9 100644 --- a/clients/client-resiliencehub/package.json +++ b/clients/client-resiliencehub/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-resiliencehub/src/ResiliencehubClient.ts b/clients/client-resiliencehub/src/ResiliencehubClient.ts index c85d6fbdf8f5f..8cf70fb5831f8 100644 --- a/clients/client-resiliencehub/src/ResiliencehubClient.ts +++ b/clients/client-resiliencehub/src/ResiliencehubClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultResiliencehubHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddDraftAppVersionResourceMappingsCommandInput, AddDraftAppVersionResourceMappingsCommandOutput, @@ -441,21 +446,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -494,8 +500,8 @@ export type ResiliencehubClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -514,8 +520,8 @@ export type ResiliencehubClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -550,8 +556,8 @@ export class ResiliencehubClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -560,8 +566,14 @@ export class ResiliencehubClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -572,4 +584,13 @@ export class ResiliencehubClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultResiliencehubHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ResiliencehubClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-resiliencehub/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-resiliencehub/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..40bbeeee4aa73 --- /dev/null +++ b/clients/client-resiliencehub/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ResiliencehubHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResiliencehubHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ResiliencehubHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ResiliencehubHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResiliencehubHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ResiliencehubHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-resiliencehub/src/auth/httpAuthSchemeProvider.ts b/clients/client-resiliencehub/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..85a27ee4a3d5f --- /dev/null +++ b/clients/client-resiliencehub/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ResiliencehubClientConfig, ResiliencehubClientResolvedConfig } from "../ResiliencehubClient"; + +/** + * @internal + */ +export interface ResiliencehubHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ResiliencehubHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ResiliencehubClientResolvedConfig, + HandlerExecutionContext, + ResiliencehubHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultResiliencehubHttpAuthSchemeParametersProvider = async ( + config: ResiliencehubClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ResiliencehubHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "resiliencehub", + region: authParameters.region, + }, + propertiesExtractor: (config: ResiliencehubClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ResiliencehubHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultResiliencehubHttpAuthSchemeProvider: ResiliencehubHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ResiliencehubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ResiliencehubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-resiliencehub/src/extensionConfiguration.ts b/clients/client-resiliencehub/src/extensionConfiguration.ts index dfc7b38e05f10..ee73fd272d598 100644 --- a/clients/client-resiliencehub/src/extensionConfiguration.ts +++ b/clients/client-resiliencehub/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ResiliencehubExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-resiliencehub/src/runtimeConfig.shared.ts b/clients/client-resiliencehub/src/runtimeConfig.shared.ts index 2bc0cf1af6a6d..12e0f76d9f730 100644 --- a/clients/client-resiliencehub/src/runtimeConfig.shared.ts +++ b/clients/client-resiliencehub/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultResiliencehubHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ResiliencehubClientConfig } from "./ResiliencehubClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ResiliencehubClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultResiliencehubHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "resiliencehub", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-resiliencehub/src/runtimeExtensions.ts b/clients/client-resiliencehub/src/runtimeExtensions.ts index c3433dc54b3e5..f1156e7a2c2d6 100644 --- a/clients/client-resiliencehub/src/runtimeExtensions.ts +++ b/clients/client-resiliencehub/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ResiliencehubExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-resource-explorer-2/package.json b/clients/client-resource-explorer-2/package.json index 0457e75aeeea2..a921a6f011cce 100644 --- a/clients/client-resource-explorer-2/package.json +++ b/clients/client-resource-explorer-2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-resource-explorer-2/src/ResourceExplorer2Client.ts b/clients/client-resource-explorer-2/src/ResourceExplorer2Client.ts index e7633a3bb60b0..dc364fdbca46d 100644 --- a/clients/client-resource-explorer-2/src/ResourceExplorer2Client.ts +++ b/clients/client-resource-explorer-2/src/ResourceExplorer2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultResourceExplorer2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateDefaultViewCommandInput, AssociateDefaultViewCommandOutput, @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type ResourceExplorer2ClientConfigType = Partial<__SmithyConfiguration<__ EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type ResourceExplorer2ClientResolvedConfigType = __SmithyResolvedConfigur EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -362,8 +368,8 @@ export class ResourceExplorer2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -372,8 +378,14 @@ export class ResourceExplorer2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -384,4 +396,13 @@ export class ResourceExplorer2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultResourceExplorer2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ResourceExplorer2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-resource-explorer-2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-resource-explorer-2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..64acbc1998293 --- /dev/null +++ b/clients/client-resource-explorer-2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ResourceExplorer2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceExplorer2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ResourceExplorer2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ResourceExplorer2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceExplorer2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ResourceExplorer2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-resource-explorer-2/src/auth/httpAuthSchemeProvider.ts b/clients/client-resource-explorer-2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..63433f52ccb67 --- /dev/null +++ b/clients/client-resource-explorer-2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ResourceExplorer2ClientConfig, ResourceExplorer2ClientResolvedConfig } from "../ResourceExplorer2Client"; + +/** + * @internal + */ +export interface ResourceExplorer2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ResourceExplorer2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ResourceExplorer2ClientResolvedConfig, + HandlerExecutionContext, + ResourceExplorer2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultResourceExplorer2HttpAuthSchemeParametersProvider = async ( + config: ResourceExplorer2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ResourceExplorer2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "resource-explorer-2", + region: authParameters.region, + }, + propertiesExtractor: (config: ResourceExplorer2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ResourceExplorer2HttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultResourceExplorer2HttpAuthSchemeProvider: ResourceExplorer2HttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ResourceExplorer2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ResourceExplorer2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-resource-explorer-2/src/extensionConfiguration.ts b/clients/client-resource-explorer-2/src/extensionConfiguration.ts index dd5e9470b6eca..5fdc7681393de 100644 --- a/clients/client-resource-explorer-2/src/extensionConfiguration.ts +++ b/clients/client-resource-explorer-2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ResourceExplorer2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-resource-explorer-2/src/runtimeConfig.shared.ts b/clients/client-resource-explorer-2/src/runtimeConfig.shared.ts index 2ddfcea66c41a..5a12c17a425a3 100644 --- a/clients/client-resource-explorer-2/src/runtimeConfig.shared.ts +++ b/clients/client-resource-explorer-2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultResourceExplorer2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ResourceExplorer2ClientConfig } from "./ResourceExplorer2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ResourceExplorer2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultResourceExplorer2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Resource Explorer 2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-resource-explorer-2/src/runtimeExtensions.ts b/clients/client-resource-explorer-2/src/runtimeExtensions.ts index 605dfc065ad98..acef9fad3bc40 100644 --- a/clients/client-resource-explorer-2/src/runtimeExtensions.ts +++ b/clients/client-resource-explorer-2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ResourceExplorer2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-resource-groups-tagging-api/package.json b/clients/client-resource-groups-tagging-api/package.json index 1f6c8e35ecea2..98ee07a23a16f 100644 --- a/clients/client-resource-groups-tagging-api/package.json +++ b/clients/client-resource-groups-tagging-api/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-resource-groups-tagging-api/src/ResourceGroupsTaggingAPIClient.ts b/clients/client-resource-groups-tagging-api/src/ResourceGroupsTaggingAPIClient.ts index fea713e5ffa83..4589963ca7039 100644 --- a/clients/client-resource-groups-tagging-api/src/ResourceGroupsTaggingAPIClient.ts +++ b/clients/client-resource-groups-tagging-api/src/ResourceGroupsTaggingAPIClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultResourceGroupsTaggingAPIHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DescribeReportCreationCommandInput, DescribeReportCreationCommandOutput, @@ -189,21 +194,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -242,8 +248,8 @@ export type ResourceGroupsTaggingAPIClientConfigType = Partial<__SmithyConfigura EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -262,8 +268,8 @@ export type ResourceGroupsTaggingAPIClientResolvedConfigType = __SmithyResolvedC EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -295,8 +301,8 @@ export class ResourceGroupsTaggingAPIClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -305,8 +311,14 @@ export class ResourceGroupsTaggingAPIClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -317,4 +329,13 @@ export class ResourceGroupsTaggingAPIClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultResourceGroupsTaggingAPIHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ResourceGroupsTaggingAPIClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-resource-groups-tagging-api/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-resource-groups-tagging-api/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..2d31e5a5d1e04 --- /dev/null +++ b/clients/client-resource-groups-tagging-api/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ResourceGroupsTaggingAPIHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceGroupsTaggingAPIHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ResourceGroupsTaggingAPIHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ResourceGroupsTaggingAPIHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceGroupsTaggingAPIHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ResourceGroupsTaggingAPIHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-resource-groups-tagging-api/src/auth/httpAuthSchemeProvider.ts b/clients/client-resource-groups-tagging-api/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..552fa723d8e39 --- /dev/null +++ b/clients/client-resource-groups-tagging-api/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ResourceGroupsTaggingAPIClientConfig, + ResourceGroupsTaggingAPIClientResolvedConfig, +} from "../ResourceGroupsTaggingAPIClient"; + +/** + * @internal + */ +export interface ResourceGroupsTaggingAPIHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ResourceGroupsTaggingAPIHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ResourceGroupsTaggingAPIClientResolvedConfig, + HandlerExecutionContext, + ResourceGroupsTaggingAPIHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultResourceGroupsTaggingAPIHttpAuthSchemeParametersProvider = async ( + config: ResourceGroupsTaggingAPIClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ResourceGroupsTaggingAPIHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "tagging", + region: authParameters.region, + }, + propertiesExtractor: (config: ResourceGroupsTaggingAPIClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ResourceGroupsTaggingAPIHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultResourceGroupsTaggingAPIHttpAuthSchemeProvider: ResourceGroupsTaggingAPIHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ResourceGroupsTaggingAPIHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ResourceGroupsTaggingAPIHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-resource-groups-tagging-api/src/extensionConfiguration.ts b/clients/client-resource-groups-tagging-api/src/extensionConfiguration.ts index fc24ae64f70a3..e999664b97271 100644 --- a/clients/client-resource-groups-tagging-api/src/extensionConfiguration.ts +++ b/clients/client-resource-groups-tagging-api/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ResourceGroupsTaggingAPIExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-resource-groups-tagging-api/src/runtimeConfig.shared.ts b/clients/client-resource-groups-tagging-api/src/runtimeConfig.shared.ts index 5ebda04f73e93..ff0191204c7de 100644 --- a/clients/client-resource-groups-tagging-api/src/runtimeConfig.shared.ts +++ b/clients/client-resource-groups-tagging-api/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultResourceGroupsTaggingAPIHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ResourceGroupsTaggingAPIClientConfig } from "./ResourceGroupsTaggingAPIClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ResourceGroupsTaggingAPIClientConfig) = disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultResourceGroupsTaggingAPIHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Resource Groups Tagging API", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-resource-groups-tagging-api/src/runtimeExtensions.ts b/clients/client-resource-groups-tagging-api/src/runtimeExtensions.ts index d6ae680998491..7c3308e3a191f 100644 --- a/clients/client-resource-groups-tagging-api/src/runtimeExtensions.ts +++ b/clients/client-resource-groups-tagging-api/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ResourceGroupsTaggingAPIExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-resource-groups/package.json b/clients/client-resource-groups/package.json index e0f3faa985235..3f0bbb7fb2564 100644 --- a/clients/client-resource-groups/package.json +++ b/clients/client-resource-groups/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-resource-groups/src/ResourceGroupsClient.ts b/clients/client-resource-groups/src/ResourceGroupsClient.ts index 9e50ec34156a9..7c27d4d23486a 100644 --- a/clients/client-resource-groups/src/ResourceGroupsClient.ts +++ b/clients/client-resource-groups/src/ResourceGroupsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultResourceGroupsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; import { DeleteGroupCommandInput, DeleteGroupCommandOutput } from "./commands/DeleteGroupCommand"; import { GetAccountSettingsCommandInput, GetAccountSettingsCommandOutput } from "./commands/GetAccountSettingsCommand"; @@ -219,21 +224,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -272,8 +278,8 @@ export type ResourceGroupsClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -292,8 +298,8 @@ export type ResourceGroupsClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -357,8 +363,8 @@ export class ResourceGroupsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -367,8 +373,14 @@ export class ResourceGroupsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -379,4 +391,13 @@ export class ResourceGroupsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultResourceGroupsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ResourceGroupsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-resource-groups/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-resource-groups/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3ab8ed4c8e46d --- /dev/null +++ b/clients/client-resource-groups/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ResourceGroupsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceGroupsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ResourceGroupsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ResourceGroupsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ResourceGroupsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ResourceGroupsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-resource-groups/src/auth/httpAuthSchemeProvider.ts b/clients/client-resource-groups/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e7eb6cbde7924 --- /dev/null +++ b/clients/client-resource-groups/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ResourceGroupsClientConfig, ResourceGroupsClientResolvedConfig } from "../ResourceGroupsClient"; + +/** + * @internal + */ +export interface ResourceGroupsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ResourceGroupsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ResourceGroupsClientResolvedConfig, + HandlerExecutionContext, + ResourceGroupsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultResourceGroupsHttpAuthSchemeParametersProvider = async ( + config: ResourceGroupsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ResourceGroupsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "resource-groups", + region: authParameters.region, + }, + propertiesExtractor: (config: ResourceGroupsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ResourceGroupsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultResourceGroupsHttpAuthSchemeProvider: ResourceGroupsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ResourceGroupsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ResourceGroupsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-resource-groups/src/extensionConfiguration.ts b/clients/client-resource-groups/src/extensionConfiguration.ts index 6daecfbd14408..7969b9e91a6a4 100644 --- a/clients/client-resource-groups/src/extensionConfiguration.ts +++ b/clients/client-resource-groups/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ResourceGroupsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-resource-groups/src/runtimeConfig.shared.ts b/clients/client-resource-groups/src/runtimeConfig.shared.ts index e4a30d77a6b0f..ea60da86d0b65 100644 --- a/clients/client-resource-groups/src/runtimeConfig.shared.ts +++ b/clients/client-resource-groups/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultResourceGroupsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ResourceGroupsClientConfig } from "./ResourceGroupsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ResourceGroupsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultResourceGroupsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Resource Groups", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-resource-groups/src/runtimeExtensions.ts b/clients/client-resource-groups/src/runtimeExtensions.ts index 1741df4a73d29..142aab804f59d 100644 --- a/clients/client-resource-groups/src/runtimeExtensions.ts +++ b/clients/client-resource-groups/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ResourceGroupsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-robomaker/package.json b/clients/client-robomaker/package.json index bb4b36590ba0e..dec9175def548 100644 --- a/clients/client-robomaker/package.json +++ b/clients/client-robomaker/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-robomaker/src/RoboMakerClient.ts b/clients/client-robomaker/src/RoboMakerClient.ts index f977a8d67404b..c398362058fbb 100644 --- a/clients/client-robomaker/src/RoboMakerClient.ts +++ b/clients/client-robomaker/src/RoboMakerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoboMakerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchDeleteWorldsCommandInput, BatchDeleteWorldsCommandOutput } from "./commands/BatchDeleteWorldsCommand"; import { BatchDescribeSimulationJobCommandInput, @@ -441,21 +446,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -494,8 +500,8 @@ export type RoboMakerClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -514,8 +520,8 @@ export type RoboMakerClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -546,8 +552,8 @@ export class RoboMakerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -556,8 +562,14 @@ export class RoboMakerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -568,4 +580,13 @@ export class RoboMakerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoboMakerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RoboMakerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-robomaker/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-robomaker/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a9a2ed281166b --- /dev/null +++ b/clients/client-robomaker/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RoboMakerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RoboMakerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RoboMakerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RoboMakerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RoboMakerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RoboMakerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-robomaker/src/auth/httpAuthSchemeProvider.ts b/clients/client-robomaker/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d1bd70f525367 --- /dev/null +++ b/clients/client-robomaker/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RoboMakerClientConfig, RoboMakerClientResolvedConfig } from "../RoboMakerClient"; + +/** + * @internal + */ +export interface RoboMakerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RoboMakerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RoboMakerClientResolvedConfig, + HandlerExecutionContext, + RoboMakerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoboMakerHttpAuthSchemeParametersProvider = async ( + config: RoboMakerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RoboMakerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "robomaker", + region: authParameters.region, + }, + propertiesExtractor: (config: RoboMakerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RoboMakerHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoboMakerHttpAuthSchemeProvider: RoboMakerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RoboMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RoboMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-robomaker/src/extensionConfiguration.ts b/clients/client-robomaker/src/extensionConfiguration.ts index 6692895c17378..6689036c7f64b 100644 --- a/clients/client-robomaker/src/extensionConfiguration.ts +++ b/clients/client-robomaker/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RoboMakerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-robomaker/src/runtimeConfig.shared.ts b/clients/client-robomaker/src/runtimeConfig.shared.ts index eca006ebef83b..6df306a83d882 100644 --- a/clients/client-robomaker/src/runtimeConfig.shared.ts +++ b/clients/client-robomaker/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoboMakerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RoboMakerClientConfig } from "./RoboMakerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RoboMakerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoboMakerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "RoboMaker", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-robomaker/src/runtimeExtensions.ts b/clients/client-robomaker/src/runtimeExtensions.ts index 909c5d80cbe4e..440f770641390 100644 --- a/clients/client-robomaker/src/runtimeExtensions.ts +++ b/clients/client-robomaker/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RoboMakerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rolesanywhere/package.json b/clients/client-rolesanywhere/package.json index 8870b9868d1e4..9026290a1e06f 100644 --- a/clients/client-rolesanywhere/package.json +++ b/clients/client-rolesanywhere/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-rolesanywhere/src/RolesAnywhereClient.ts b/clients/client-rolesanywhere/src/RolesAnywhereClient.ts index 54ad32db9215d..a9c9e26e60846 100644 --- a/clients/client-rolesanywhere/src/RolesAnywhereClient.ts +++ b/clients/client-rolesanywhere/src/RolesAnywhereClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRolesAnywhereHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateProfileCommandInput, CreateProfileCommandOutput } from "./commands/CreateProfileCommand"; import { CreateTrustAnchorCommandInput, CreateTrustAnchorCommandOutput } from "./commands/CreateTrustAnchorCommand"; import { DeleteCrlCommandInput, DeleteCrlCommandOutput } from "./commands/DeleteCrlCommand"; @@ -249,21 +254,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -302,8 +308,8 @@ export type RolesAnywhereClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export type RolesAnywhereClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -368,8 +374,8 @@ export class RolesAnywhereClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -378,8 +384,14 @@ export class RolesAnywhereClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -390,4 +402,13 @@ export class RolesAnywhereClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRolesAnywhereHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RolesAnywhereClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-rolesanywhere/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-rolesanywhere/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ffa282de9709d --- /dev/null +++ b/clients/client-rolesanywhere/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RolesAnywhereHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RolesAnywhereHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RolesAnywhereHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RolesAnywhereHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RolesAnywhereHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RolesAnywhereHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-rolesanywhere/src/auth/httpAuthSchemeProvider.ts b/clients/client-rolesanywhere/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..cb2a2bae6f8fa --- /dev/null +++ b/clients/client-rolesanywhere/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RolesAnywhereClientConfig, RolesAnywhereClientResolvedConfig } from "../RolesAnywhereClient"; + +/** + * @internal + */ +export interface RolesAnywhereHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RolesAnywhereHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RolesAnywhereClientResolvedConfig, + HandlerExecutionContext, + RolesAnywhereHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRolesAnywhereHttpAuthSchemeParametersProvider = async ( + config: RolesAnywhereClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RolesAnywhereHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rolesanywhere", + region: authParameters.region, + }, + propertiesExtractor: (config: RolesAnywhereClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RolesAnywhereHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRolesAnywhereHttpAuthSchemeProvider: RolesAnywhereHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RolesAnywhereHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RolesAnywhereHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-rolesanywhere/src/extensionConfiguration.ts b/clients/client-rolesanywhere/src/extensionConfiguration.ts index 8af8de08f9b79..ac41dc7349224 100644 --- a/clients/client-rolesanywhere/src/extensionConfiguration.ts +++ b/clients/client-rolesanywhere/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RolesAnywhereExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-rolesanywhere/src/runtimeConfig.shared.ts b/clients/client-rolesanywhere/src/runtimeConfig.shared.ts index 2afaadf0bb764..4518de48fb65f 100644 --- a/clients/client-rolesanywhere/src/runtimeConfig.shared.ts +++ b/clients/client-rolesanywhere/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRolesAnywhereHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RolesAnywhereClientConfig } from "./RolesAnywhereClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RolesAnywhereClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRolesAnywhereHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "RolesAnywhere", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-rolesanywhere/src/runtimeExtensions.ts b/clients/client-rolesanywhere/src/runtimeExtensions.ts index 201715350ff42..2d76ad7cc55ae 100644 --- a/clients/client-rolesanywhere/src/runtimeExtensions.ts +++ b/clients/client-rolesanywhere/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RolesAnywhereExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-route-53-domains/package.json b/clients/client-route-53-domains/package.json index 0f23f8ab013bd..2f0298e62bf0c 100644 --- a/clients/client-route-53-domains/package.json +++ b/clients/client-route-53-domains/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-route-53-domains/src/Route53DomainsClient.ts b/clients/client-route-53-domains/src/Route53DomainsClient.ts index 6806fc55d9e78..14a9d80d4ad2b 100644 --- a/clients/client-route-53-domains/src/Route53DomainsClient.ts +++ b/clients/client-route-53-domains/src/Route53DomainsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoute53DomainsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptDomainTransferFromAnotherAwsAccountCommandInput, AcceptDomainTransferFromAnotherAwsAccountCommandOutput, @@ -324,21 +329,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -377,8 +383,8 @@ export type Route53DomainsClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -397,8 +403,8 @@ export type Route53DomainsClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -430,8 +436,8 @@ export class Route53DomainsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -440,8 +446,14 @@ export class Route53DomainsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -452,4 +464,13 @@ export class Route53DomainsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoute53DomainsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Route53DomainsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-route-53-domains/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-route-53-domains/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e741498e5a226 --- /dev/null +++ b/clients/client-route-53-domains/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Route53DomainsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53DomainsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Route53DomainsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Route53DomainsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53DomainsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Route53DomainsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-route-53-domains/src/auth/httpAuthSchemeProvider.ts b/clients/client-route-53-domains/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3aa63e2569b38 --- /dev/null +++ b/clients/client-route-53-domains/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { Route53DomainsClientConfig, Route53DomainsClientResolvedConfig } from "../Route53DomainsClient"; + +/** + * @internal + */ +export interface Route53DomainsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Route53DomainsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Route53DomainsClientResolvedConfig, + HandlerExecutionContext, + Route53DomainsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoute53DomainsHttpAuthSchemeParametersProvider = async ( + config: Route53DomainsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: Route53DomainsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "route53domains", + region: authParameters.region, + }, + propertiesExtractor: (config: Route53DomainsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Route53DomainsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoute53DomainsHttpAuthSchemeProvider: Route53DomainsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Route53DomainsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Route53DomainsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-route-53-domains/src/extensionConfiguration.ts b/clients/client-route-53-domains/src/extensionConfiguration.ts index c02f4b8d25219..7287ab994e02f 100644 --- a/clients/client-route-53-domains/src/extensionConfiguration.ts +++ b/clients/client-route-53-domains/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Route53DomainsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-route-53-domains/src/runtimeConfig.shared.ts b/clients/client-route-53-domains/src/runtimeConfig.shared.ts index 93d4820021490..736d870b4bf76 100644 --- a/clients/client-route-53-domains/src/runtimeConfig.shared.ts +++ b/clients/client-route-53-domains/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoute53DomainsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Route53DomainsClientConfig } from "./Route53DomainsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Route53DomainsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoute53DomainsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Route 53 Domains", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-route-53-domains/src/runtimeExtensions.ts b/clients/client-route-53-domains/src/runtimeExtensions.ts index 9ec6f2f82a643..1484b8d108e74 100644 --- a/clients/client-route-53-domains/src/runtimeExtensions.ts +++ b/clients/client-route-53-domains/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Route53DomainsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-route-53/package.json b/clients/client-route-53/package.json index a9b0011730cfe..021b3aadb6b90 100644 --- a/clients/client-route-53/package.json +++ b/clients/client-route-53/package.json @@ -35,7 +35,7 @@ "@aws-sdk/util-user-agent-node": "*", "@aws-sdk/xml-builder": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,7 +54,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-route53-recovery-cluster/package.json b/clients/client-route53-recovery-cluster/package.json index d6d71c22923b8..784da28e2336d 100644 --- a/clients/client-route53-recovery-cluster/package.json +++ b/clients/client-route53-recovery-cluster/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-route53-recovery-cluster/src/Route53RecoveryClusterClient.ts b/clients/client-route53-recovery-cluster/src/Route53RecoveryClusterClient.ts index c9c11941fe2df..30bfe95cc2093 100644 --- a/clients/client-route53-recovery-cluster/src/Route53RecoveryClusterClient.ts +++ b/clients/client-route53-recovery-cluster/src/Route53RecoveryClusterClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoute53RecoveryClusterHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetRoutingControlStateCommandInput, GetRoutingControlStateCommandOutput, @@ -180,21 +185,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -233,8 +239,8 @@ export type Route53RecoveryClusterClientConfigType = Partial<__SmithyConfigurati EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -253,8 +259,8 @@ export type Route53RecoveryClusterClientResolvedConfigType = __SmithyResolvedCon EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -324,8 +330,8 @@ export class Route53RecoveryClusterClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -334,8 +340,14 @@ export class Route53RecoveryClusterClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -346,4 +358,13 @@ export class Route53RecoveryClusterClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoute53RecoveryClusterHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Route53RecoveryClusterClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-route53-recovery-cluster/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-route53-recovery-cluster/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3866ab5c2f411 --- /dev/null +++ b/clients/client-route53-recovery-cluster/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Route53RecoveryClusterHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryClusterHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Route53RecoveryClusterHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Route53RecoveryClusterHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryClusterHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Route53RecoveryClusterHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-route53-recovery-cluster/src/auth/httpAuthSchemeProvider.ts b/clients/client-route53-recovery-cluster/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..795b7ead1d4fc --- /dev/null +++ b/clients/client-route53-recovery-cluster/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + Route53RecoveryClusterClientConfig, + Route53RecoveryClusterClientResolvedConfig, +} from "../Route53RecoveryClusterClient"; + +/** + * @internal + */ +export interface Route53RecoveryClusterHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Route53RecoveryClusterHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Route53RecoveryClusterClientResolvedConfig, + HandlerExecutionContext, + Route53RecoveryClusterHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoute53RecoveryClusterHttpAuthSchemeParametersProvider = async ( + config: Route53RecoveryClusterClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: Route53RecoveryClusterHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "route53-recovery-cluster", + region: authParameters.region, + }, + propertiesExtractor: (config: Route53RecoveryClusterClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Route53RecoveryClusterHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoute53RecoveryClusterHttpAuthSchemeProvider: Route53RecoveryClusterHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Route53RecoveryClusterHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Route53RecoveryClusterHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-route53-recovery-cluster/src/extensionConfiguration.ts b/clients/client-route53-recovery-cluster/src/extensionConfiguration.ts index 5ae8b52f358d6..e9283e1e1cca8 100644 --- a/clients/client-route53-recovery-cluster/src/extensionConfiguration.ts +++ b/clients/client-route53-recovery-cluster/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Route53RecoveryClusterExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-route53-recovery-cluster/src/runtimeConfig.shared.ts b/clients/client-route53-recovery-cluster/src/runtimeConfig.shared.ts index 6ccac5081985c..ea88c5d186e12 100644 --- a/clients/client-route53-recovery-cluster/src/runtimeConfig.shared.ts +++ b/clients/client-route53-recovery-cluster/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoute53RecoveryClusterHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Route53RecoveryClusterClientConfig } from "./Route53RecoveryClusterClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Route53RecoveryClusterClientConfig) => disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoute53RecoveryClusterHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Route53 Recovery Cluster", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-route53-recovery-cluster/src/runtimeExtensions.ts b/clients/client-route53-recovery-cluster/src/runtimeExtensions.ts index 74d33bd2129cb..fd9b2f7a43ad8 100644 --- a/clients/client-route53-recovery-cluster/src/runtimeExtensions.ts +++ b/clients/client-route53-recovery-cluster/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Route53RecoveryClusterExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-route53-recovery-control-config/package.json b/clients/client-route53-recovery-control-config/package.json index 24545ac2a477b..c2d7005a88752 100644 --- a/clients/client-route53-recovery-control-config/package.json +++ b/clients/client-route53-recovery-control-config/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-route53-recovery-control-config/src/Route53RecoveryControlConfigClient.ts b/clients/client-route53-recovery-control-config/src/Route53RecoveryControlConfigClient.ts index a137c91ce8cdc..31be9ddb1dd60 100644 --- a/clients/client-route53-recovery-control-config/src/Route53RecoveryControlConfigClient.ts +++ b/clients/client-route53-recovery-control-config/src/Route53RecoveryControlConfigClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoute53RecoveryControlConfigHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateClusterCommandInput, CreateClusterCommandOutput } from "./commands/CreateClusterCommand"; import { CreateControlPanelCommandInput, CreateControlPanelCommandOutput } from "./commands/CreateControlPanelCommand"; import { @@ -252,21 +257,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -305,8 +311,8 @@ export type Route53RecoveryControlConfigClientConfigType = Partial<__SmithyConfi EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -325,8 +331,8 @@ export type Route53RecoveryControlConfigClientResolvedConfigType = __SmithyResol EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -358,8 +364,8 @@ export class Route53RecoveryControlConfigClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -368,8 +374,14 @@ export class Route53RecoveryControlConfigClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -380,4 +392,13 @@ export class Route53RecoveryControlConfigClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoute53RecoveryControlConfigHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Route53RecoveryControlConfigClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-route53-recovery-control-config/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-route53-recovery-control-config/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..107ebfd116956 --- /dev/null +++ b/clients/client-route53-recovery-control-config/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Route53RecoveryControlConfigHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryControlConfigHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Route53RecoveryControlConfigHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Route53RecoveryControlConfigHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryControlConfigHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Route53RecoveryControlConfigHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-route53-recovery-control-config/src/auth/httpAuthSchemeProvider.ts b/clients/client-route53-recovery-control-config/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..913f8a7efbe44 --- /dev/null +++ b/clients/client-route53-recovery-control-config/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + Route53RecoveryControlConfigClientConfig, + Route53RecoveryControlConfigClientResolvedConfig, +} from "../Route53RecoveryControlConfigClient"; + +/** + * @internal + */ +export interface Route53RecoveryControlConfigHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Route53RecoveryControlConfigHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Route53RecoveryControlConfigClientResolvedConfig, + HandlerExecutionContext, + Route53RecoveryControlConfigHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoute53RecoveryControlConfigHttpAuthSchemeParametersProvider = async ( + config: Route53RecoveryControlConfigClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: Route53RecoveryControlConfigHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "route53-recovery-control-config", + region: authParameters.region, + }, + propertiesExtractor: (config: Route53RecoveryControlConfigClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Route53RecoveryControlConfigHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoute53RecoveryControlConfigHttpAuthSchemeProvider: Route53RecoveryControlConfigHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Route53RecoveryControlConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Route53RecoveryControlConfigHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-route53-recovery-control-config/src/extensionConfiguration.ts b/clients/client-route53-recovery-control-config/src/extensionConfiguration.ts index 0ca7d517eb5e0..ed7271f6863c5 100644 --- a/clients/client-route53-recovery-control-config/src/extensionConfiguration.ts +++ b/clients/client-route53-recovery-control-config/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Route53RecoveryControlConfigExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-route53-recovery-control-config/src/runtimeConfig.shared.ts b/clients/client-route53-recovery-control-config/src/runtimeConfig.shared.ts index ca190f541b3a7..a75a0bcfd75b1 100644 --- a/clients/client-route53-recovery-control-config/src/runtimeConfig.shared.ts +++ b/clients/client-route53-recovery-control-config/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoute53RecoveryControlConfigHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Route53RecoveryControlConfigClientConfig } from "./Route53RecoveryControlConfigClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Route53RecoveryControlConfigClientConfi disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoute53RecoveryControlConfigHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Route53 Recovery Control Config", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-route53-recovery-control-config/src/runtimeExtensions.ts b/clients/client-route53-recovery-control-config/src/runtimeExtensions.ts index b8b93bfc3241d..7cbee5a49e47a 100644 --- a/clients/client-route53-recovery-control-config/src/runtimeExtensions.ts +++ b/clients/client-route53-recovery-control-config/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Route53RecoveryControlConfigExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-route53-recovery-readiness/package.json b/clients/client-route53-recovery-readiness/package.json index 8c5c4a323ccee..17c553e0e8653 100644 --- a/clients/client-route53-recovery-readiness/package.json +++ b/clients/client-route53-recovery-readiness/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts index 8662d25d0ec92..9be03e1fb52ed 100644 --- a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts +++ b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoute53RecoveryReadinessHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCellCommandInput, CreateCellCommandOutput } from "./commands/CreateCellCommand"; import { CreateCrossAccountAuthorizationCommandInput, @@ -300,21 +305,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -353,8 +359,8 @@ export type Route53RecoveryReadinessClientConfigType = Partial<__SmithyConfigura EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -373,8 +379,8 @@ export type Route53RecoveryReadinessClientResolvedConfigType = __SmithyResolvedC EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -406,8 +412,8 @@ export class Route53RecoveryReadinessClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -416,8 +422,14 @@ export class Route53RecoveryReadinessClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -428,4 +440,13 @@ export class Route53RecoveryReadinessClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoute53RecoveryReadinessHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Route53RecoveryReadinessClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-route53-recovery-readiness/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-route53-recovery-readiness/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..10889f63e8697 --- /dev/null +++ b/clients/client-route53-recovery-readiness/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Route53RecoveryReadinessHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryReadinessHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Route53RecoveryReadinessHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Route53RecoveryReadinessHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53RecoveryReadinessHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Route53RecoveryReadinessHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-route53-recovery-readiness/src/auth/httpAuthSchemeProvider.ts b/clients/client-route53-recovery-readiness/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fb320ed0d30dc --- /dev/null +++ b/clients/client-route53-recovery-readiness/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + Route53RecoveryReadinessClientConfig, + Route53RecoveryReadinessClientResolvedConfig, +} from "../Route53RecoveryReadinessClient"; + +/** + * @internal + */ +export interface Route53RecoveryReadinessHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Route53RecoveryReadinessHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Route53RecoveryReadinessClientResolvedConfig, + HandlerExecutionContext, + Route53RecoveryReadinessHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoute53RecoveryReadinessHttpAuthSchemeParametersProvider = async ( + config: Route53RecoveryReadinessClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: Route53RecoveryReadinessHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "route53-recovery-readiness", + region: authParameters.region, + }, + propertiesExtractor: (config: Route53RecoveryReadinessClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Route53RecoveryReadinessHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoute53RecoveryReadinessHttpAuthSchemeProvider: Route53RecoveryReadinessHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Route53RecoveryReadinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Route53RecoveryReadinessHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-route53-recovery-readiness/src/extensionConfiguration.ts b/clients/client-route53-recovery-readiness/src/extensionConfiguration.ts index 209420bc6b765..25b16a6568308 100644 --- a/clients/client-route53-recovery-readiness/src/extensionConfiguration.ts +++ b/clients/client-route53-recovery-readiness/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Route53RecoveryReadinessExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-route53-recovery-readiness/src/runtimeConfig.shared.ts b/clients/client-route53-recovery-readiness/src/runtimeConfig.shared.ts index 119290e42263b..fde762368e97a 100644 --- a/clients/client-route53-recovery-readiness/src/runtimeConfig.shared.ts +++ b/clients/client-route53-recovery-readiness/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoute53RecoveryReadinessHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Route53RecoveryReadinessClientConfig } from "./Route53RecoveryReadinessClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Route53RecoveryReadinessClientConfig) = disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoute53RecoveryReadinessHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Route53 Recovery Readiness", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-route53-recovery-readiness/src/runtimeExtensions.ts b/clients/client-route53-recovery-readiness/src/runtimeExtensions.ts index 8c38982cc7f94..b1039bff5a302 100644 --- a/clients/client-route53-recovery-readiness/src/runtimeExtensions.ts +++ b/clients/client-route53-recovery-readiness/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Route53RecoveryReadinessExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-route53resolver/package.json b/clients/client-route53resolver/package.json index 2a9b853ebc2db..8ff53952bb48f 100644 --- a/clients/client-route53resolver/package.json +++ b/clients/client-route53resolver/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-route53resolver/src/Route53ResolverClient.ts b/clients/client-route53resolver/src/Route53ResolverClient.ts index 4c2d1a7131695..c0a7c318e32b6 100644 --- a/clients/client-route53resolver/src/Route53ResolverClient.ts +++ b/clients/client-route53resolver/src/Route53ResolverClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRoute53ResolverHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateFirewallRuleGroupCommandInput, AssociateFirewallRuleGroupCommandOutput, @@ -522,21 +527,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -575,8 +581,8 @@ export type Route53ResolverClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -595,8 +601,8 @@ export type Route53ResolverClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -653,8 +659,8 @@ export class Route53ResolverClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -663,8 +669,14 @@ export class Route53ResolverClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -675,4 +687,13 @@ export class Route53ResolverClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRoute53ResolverHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: Route53ResolverClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-route53resolver/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-route53resolver/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ee9af9efc836d --- /dev/null +++ b/clients/client-route53resolver/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { Route53ResolverHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53ResolverHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): Route53ResolverHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: Route53ResolverHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: Route53ResolverHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): Route53ResolverHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-route53resolver/src/auth/httpAuthSchemeProvider.ts b/clients/client-route53resolver/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9304d5eb51fbb --- /dev/null +++ b/clients/client-route53resolver/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { Route53ResolverClientConfig, Route53ResolverClientResolvedConfig } from "../Route53ResolverClient"; + +/** + * @internal + */ +export interface Route53ResolverHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface Route53ResolverHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + Route53ResolverClientResolvedConfig, + HandlerExecutionContext, + Route53ResolverHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRoute53ResolverHttpAuthSchemeParametersProvider = async ( + config: Route53ResolverClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: Route53ResolverHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "route53resolver", + region: authParameters.region, + }, + propertiesExtractor: (config: Route53ResolverClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface Route53ResolverHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRoute53ResolverHttpAuthSchemeProvider: Route53ResolverHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: Route53ResolverHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: Route53ResolverHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-route53resolver/src/extensionConfiguration.ts b/clients/client-route53resolver/src/extensionConfiguration.ts index ea170886a78f0..da042fe9dba5d 100644 --- a/clients/client-route53resolver/src/extensionConfiguration.ts +++ b/clients/client-route53resolver/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface Route53ResolverExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-route53resolver/src/runtimeConfig.shared.ts b/clients/client-route53resolver/src/runtimeConfig.shared.ts index 0da62f1c54885..520215f6a3e7d 100644 --- a/clients/client-route53resolver/src/runtimeConfig.shared.ts +++ b/clients/client-route53resolver/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRoute53ResolverHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { Route53ResolverClientConfig } from "./Route53ResolverClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: Route53ResolverClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRoute53ResolverHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Route53Resolver", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-route53resolver/src/runtimeExtensions.ts b/clients/client-route53resolver/src/runtimeExtensions.ts index 8cb9bafa6d145..f7dde8a6b6467 100644 --- a/clients/client-route53resolver/src/runtimeExtensions.ts +++ b/clients/client-route53resolver/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { Route53ResolverExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-rum/package.json b/clients/client-rum/package.json index f425d6eda570a..e25d3dadfcb81 100644 --- a/clients/client-rum/package.json +++ b/clients/client-rum/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-rum/src/RUMClient.ts b/clients/client-rum/src/RUMClient.ts index 672366182de88..11cf1463bce7e 100644 --- a/clients/client-rum/src/RUMClient.ts +++ b/clients/client-rum/src/RUMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultRUMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchCreateRumMetricDefinitionsCommandInput, BatchCreateRumMetricDefinitionsCommandOutput, @@ -231,21 +236,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -284,8 +290,8 @@ export type RUMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -304,8 +310,8 @@ export type RUMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -343,8 +349,8 @@ export class RUMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -353,8 +359,14 @@ export class RUMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -365,4 +377,13 @@ export class RUMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultRUMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: RUMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-rum/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-rum/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..0e5f1ca4e8957 --- /dev/null +++ b/clients/client-rum/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { RUMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RUMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): RUMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: RUMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: RUMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): RUMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-rum/src/auth/httpAuthSchemeProvider.ts b/clients/client-rum/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..97860dbf173cb --- /dev/null +++ b/clients/client-rum/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { RUMClientConfig, RUMClientResolvedConfig } from "../RUMClient"; + +/** + * @internal + */ +export interface RUMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface RUMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + RUMClientResolvedConfig, + HandlerExecutionContext, + RUMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultRUMHttpAuthSchemeParametersProvider = async ( + config: RUMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: RUMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "rum", + region: authParameters.region, + }, + propertiesExtractor: (config: RUMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface RUMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultRUMHttpAuthSchemeProvider: RUMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: RUMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: RUMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-rum/src/extensionConfiguration.ts b/clients/client-rum/src/extensionConfiguration.ts index f4dc608e6d42d..cd2c0f57f2bfd 100644 --- a/clients/client-rum/src/extensionConfiguration.ts +++ b/clients/client-rum/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface RUMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-rum/src/runtimeConfig.shared.ts b/clients/client-rum/src/runtimeConfig.shared.ts index 2fadef4cb019e..55ae298ae31a2 100644 --- a/clients/client-rum/src/runtimeConfig.shared.ts +++ b/clients/client-rum/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultRUMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { RUMClientConfig } from "./RUMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: RUMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultRUMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "RUM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-rum/src/runtimeExtensions.ts b/clients/client-rum/src/runtimeExtensions.ts index cca671c949ddf..a303450246e0c 100644 --- a/clients/client-rum/src/runtimeExtensions.ts +++ b/clients/client-rum/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { RUMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-s3-control/package.json b/clients/client-s3-control/package.json index d667bbade32d4..8cf975b20679b 100644 --- a/clients/client-s3-control/package.json +++ b/clients/client-s3-control/package.json @@ -37,7 +37,7 @@ "@aws-sdk/util-user-agent-node": "*", "@aws-sdk/xml-builder": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-blob-browser": "^2.1.1", "@smithy/hash-node": "^2.1.1", @@ -60,7 +60,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-s3/package.json b/clients/client-s3/package.json index 4b4231e3085fe..9f942fe8a3ebc 100644 --- a/clients/client-s3/package.json +++ b/clients/client-s3/package.json @@ -48,7 +48,7 @@ "@aws-sdk/util-user-agent-node": "*", "@aws-sdk/xml-builder": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -73,7 +73,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", diff --git a/clients/client-s3outposts/package.json b/clients/client-s3outposts/package.json index a53c154c0bd3b..80cf2e80b6955 100644 --- a/clients/client-s3outposts/package.json +++ b/clients/client-s3outposts/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-s3outposts/src/S3OutpostsClient.ts b/clients/client-s3outposts/src/S3OutpostsClient.ts index 1e4156425a0aa..054e035bc7b5c 100644 --- a/clients/client-s3outposts/src/S3OutpostsClient.ts +++ b/clients/client-s3outposts/src/S3OutpostsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultS3OutpostsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateEndpointCommandInput, CreateEndpointCommandOutput } from "./commands/CreateEndpointCommand"; import { DeleteEndpointCommandInput, DeleteEndpointCommandOutput } from "./commands/DeleteEndpointCommand"; import { ListEndpointsCommandInput, ListEndpointsCommandOutput } from "./commands/ListEndpointsCommand"; @@ -174,21 +179,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -227,8 +233,8 @@ export type S3OutpostsClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -247,8 +253,8 @@ export type S3OutpostsClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -279,8 +285,8 @@ export class S3OutpostsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -289,8 +295,14 @@ export class S3OutpostsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -301,4 +313,13 @@ export class S3OutpostsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultS3OutpostsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: S3OutpostsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-s3outposts/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-s3outposts/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..91d679321324c --- /dev/null +++ b/clients/client-s3outposts/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { S3OutpostsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: S3OutpostsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): S3OutpostsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: S3OutpostsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: S3OutpostsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): S3OutpostsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-s3outposts/src/auth/httpAuthSchemeProvider.ts b/clients/client-s3outposts/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1a750a3fac6a2 --- /dev/null +++ b/clients/client-s3outposts/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { S3OutpostsClientConfig, S3OutpostsClientResolvedConfig } from "../S3OutpostsClient"; + +/** + * @internal + */ +export interface S3OutpostsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface S3OutpostsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + S3OutpostsClientResolvedConfig, + HandlerExecutionContext, + S3OutpostsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultS3OutpostsHttpAuthSchemeParametersProvider = async ( + config: S3OutpostsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: S3OutpostsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "s3-outposts", + region: authParameters.region, + }, + propertiesExtractor: (config: S3OutpostsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface S3OutpostsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultS3OutpostsHttpAuthSchemeProvider: S3OutpostsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: S3OutpostsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: S3OutpostsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-s3outposts/src/extensionConfiguration.ts b/clients/client-s3outposts/src/extensionConfiguration.ts index b172e7828e834..b45a797130f43 100644 --- a/clients/client-s3outposts/src/extensionConfiguration.ts +++ b/clients/client-s3outposts/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface S3OutpostsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-s3outposts/src/runtimeConfig.shared.ts b/clients/client-s3outposts/src/runtimeConfig.shared.ts index 980b8669e521f..5a18f5ef7c8c6 100644 --- a/clients/client-s3outposts/src/runtimeConfig.shared.ts +++ b/clients/client-s3outposts/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultS3OutpostsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { S3OutpostsClientConfig } from "./S3OutpostsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: S3OutpostsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultS3OutpostsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "S3Outposts", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-s3outposts/src/runtimeExtensions.ts b/clients/client-s3outposts/src/runtimeExtensions.ts index 529ff24cb2c1f..6a0589898e093 100644 --- a/clients/client-s3outposts/src/runtimeExtensions.ts +++ b/clients/client-s3outposts/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { S3OutpostsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-a2i-runtime/package.json b/clients/client-sagemaker-a2i-runtime/package.json index 8f3f1a536f8d5..ace6a7e49001c 100644 --- a/clients/client-sagemaker-a2i-runtime/package.json +++ b/clients/client-sagemaker-a2i-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sagemaker-a2i-runtime/src/SageMakerA2IRuntimeClient.ts b/clients/client-sagemaker-a2i-runtime/src/SageMakerA2IRuntimeClient.ts index f2a26f960deaa..01e1f57ec79c9 100644 --- a/clients/client-sagemaker-a2i-runtime/src/SageMakerA2IRuntimeClient.ts +++ b/clients/client-sagemaker-a2i-runtime/src/SageMakerA2IRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerA2IRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteHumanLoopCommandInput, DeleteHumanLoopCommandOutput } from "./commands/DeleteHumanLoopCommand"; import { DescribeHumanLoopCommandInput, DescribeHumanLoopCommandOutput } from "./commands/DescribeHumanLoopCommand"; import { ListHumanLoopsCommandInput, ListHumanLoopsCommandOutput } from "./commands/ListHumanLoopsCommand"; @@ -171,21 +176,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -224,8 +230,8 @@ export type SageMakerA2IRuntimeClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -244,8 +250,8 @@ export type SageMakerA2IRuntimeClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export class SageMakerA2IRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -311,8 +317,14 @@ export class SageMakerA2IRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -323,4 +335,13 @@ export class SageMakerA2IRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerA2IRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerA2IRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..5ab9f8b23b983 --- /dev/null +++ b/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerA2IRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerA2IRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerA2IRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerA2IRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerA2IRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerA2IRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c94931e79aeb1 --- /dev/null +++ b/clients/client-sagemaker-a2i-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SageMakerA2IRuntimeClientConfig, SageMakerA2IRuntimeClientResolvedConfig } from "../SageMakerA2IRuntimeClient"; + +/** + * @internal + */ +export interface SageMakerA2IRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerA2IRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerA2IRuntimeClientResolvedConfig, + HandlerExecutionContext, + SageMakerA2IRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerA2IRuntimeHttpAuthSchemeParametersProvider = async ( + config: SageMakerA2IRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SageMakerA2IRuntimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerA2IRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerA2IRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerA2IRuntimeHttpAuthSchemeProvider: SageMakerA2IRuntimeHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerA2IRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerA2IRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-a2i-runtime/src/extensionConfiguration.ts b/clients/client-sagemaker-a2i-runtime/src/extensionConfiguration.ts index ae3b2740ce440..65fa9bb76cbff 100644 --- a/clients/client-sagemaker-a2i-runtime/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-a2i-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerA2IRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-a2i-runtime/src/runtimeConfig.shared.ts b/clients/client-sagemaker-a2i-runtime/src/runtimeConfig.shared.ts index 5d4476f01be07..3ab7c25725ed8 100644 --- a/clients/client-sagemaker-a2i-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-a2i-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerA2IRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerA2IRuntimeClientConfig } from "./SageMakerA2IRuntimeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SageMakerA2IRuntimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerA2IRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SageMaker A2I Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker-a2i-runtime/src/runtimeExtensions.ts b/clients/client-sagemaker-a2i-runtime/src/runtimeExtensions.ts index 1ad19265735e6..eeebd5cf18214 100644 --- a/clients/client-sagemaker-a2i-runtime/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-a2i-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerA2IRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-edge/package.json b/clients/client-sagemaker-edge/package.json index 75404792ff7e4..4f548e6707750 100644 --- a/clients/client-sagemaker-edge/package.json +++ b/clients/client-sagemaker-edge/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sagemaker-edge/src/SagemakerEdgeClient.ts b/clients/client-sagemaker-edge/src/SagemakerEdgeClient.ts index bd68cef41e439..e49dd38cbd6f6 100644 --- a/clients/client-sagemaker-edge/src/SagemakerEdgeClient.ts +++ b/clients/client-sagemaker-edge/src/SagemakerEdgeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSagemakerEdgeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetDeploymentsCommandInput, GetDeploymentsCommandOutput } from "./commands/GetDeploymentsCommand"; import { GetDeviceRegistrationCommandInput, @@ -168,21 +173,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -221,8 +227,8 @@ export type SagemakerEdgeClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -241,8 +247,8 @@ export type SagemakerEdgeClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -273,8 +279,8 @@ export class SagemakerEdgeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -283,8 +289,14 @@ export class SagemakerEdgeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -295,4 +307,13 @@ export class SagemakerEdgeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSagemakerEdgeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SagemakerEdgeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-edge/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-edge/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d88a55eeceec4 --- /dev/null +++ b/clients/client-sagemaker-edge/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SagemakerEdgeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SagemakerEdgeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SagemakerEdgeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SagemakerEdgeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SagemakerEdgeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SagemakerEdgeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-edge/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-edge/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b3ff90dc84328 --- /dev/null +++ b/clients/client-sagemaker-edge/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SagemakerEdgeClientConfig, SagemakerEdgeClientResolvedConfig } from "../SagemakerEdgeClient"; + +/** + * @internal + */ +export interface SagemakerEdgeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SagemakerEdgeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SagemakerEdgeClientResolvedConfig, + HandlerExecutionContext, + SagemakerEdgeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSagemakerEdgeHttpAuthSchemeParametersProvider = async ( + config: SagemakerEdgeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SagemakerEdgeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SagemakerEdgeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SagemakerEdgeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSagemakerEdgeHttpAuthSchemeProvider: SagemakerEdgeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SagemakerEdgeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SagemakerEdgeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-edge/src/extensionConfiguration.ts b/clients/client-sagemaker-edge/src/extensionConfiguration.ts index b4f3690946118..197800b020728 100644 --- a/clients/client-sagemaker-edge/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-edge/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SagemakerEdgeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-edge/src/runtimeConfig.shared.ts b/clients/client-sagemaker-edge/src/runtimeConfig.shared.ts index 0962391d65d2a..0c2f78628e9a7 100644 --- a/clients/client-sagemaker-edge/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-edge/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSagemakerEdgeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SagemakerEdgeClientConfig } from "./SagemakerEdgeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SagemakerEdgeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSagemakerEdgeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Sagemaker Edge", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker-edge/src/runtimeExtensions.ts b/clients/client-sagemaker-edge/src/runtimeExtensions.ts index 6ef6bba9d4655..072cdfdb56128 100644 --- a/clients/client-sagemaker-edge/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-edge/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SagemakerEdgeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-featurestore-runtime/package.json b/clients/client-sagemaker-featurestore-runtime/package.json index 05226eded0b0a..6cbd9d150dc49 100644 --- a/clients/client-sagemaker-featurestore-runtime/package.json +++ b/clients/client-sagemaker-featurestore-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sagemaker-featurestore-runtime/src/SageMakerFeatureStoreRuntimeClient.ts b/clients/client-sagemaker-featurestore-runtime/src/SageMakerFeatureStoreRuntimeClient.ts index d457c3bf3dd9f..d5d80671f313f 100644 --- a/clients/client-sagemaker-featurestore-runtime/src/SageMakerFeatureStoreRuntimeClient.ts +++ b/clients/client-sagemaker-featurestore-runtime/src/SageMakerFeatureStoreRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetRecordCommandInput, BatchGetRecordCommandOutput } from "./commands/BatchGetRecordCommand"; import { DeleteRecordCommandInput, DeleteRecordCommandOutput } from "./commands/DeleteRecordCommand"; import { GetRecordCommandInput, GetRecordCommandOutput } from "./commands/GetRecordCommand"; @@ -168,21 +173,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -221,8 +227,8 @@ export type SageMakerFeatureStoreRuntimeClientConfigType = Partial<__SmithyConfi EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -241,8 +247,8 @@ export type SageMakerFeatureStoreRuntimeClientResolvedConfigType = __SmithyResol EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -300,8 +306,8 @@ export class SageMakerFeatureStoreRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -310,8 +316,14 @@ export class SageMakerFeatureStoreRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -322,4 +334,13 @@ export class SageMakerFeatureStoreRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerFeatureStoreRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..321526dcfa214 --- /dev/null +++ b/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..19b12ad3d1bf1 --- /dev/null +++ b/clients/client-sagemaker-featurestore-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + SageMakerFeatureStoreRuntimeClientConfig, + SageMakerFeatureStoreRuntimeClientResolvedConfig, +} from "../SageMakerFeatureStoreRuntimeClient"; + +/** + * @internal + */ +export interface SageMakerFeatureStoreRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerFeatureStoreRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerFeatureStoreRuntimeClientResolvedConfig, + HandlerExecutionContext, + SageMakerFeatureStoreRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeParametersProvider = async ( + config: SageMakerFeatureStoreRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: SageMakerFeatureStoreRuntimeHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerFeatureStoreRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeProvider: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerFeatureStoreRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-featurestore-runtime/src/extensionConfiguration.ts b/clients/client-sagemaker-featurestore-runtime/src/extensionConfiguration.ts index 6201589c758fb..6dc31705f8b52 100644 --- a/clients/client-sagemaker-featurestore-runtime/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-featurestore-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerFeatureStoreRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-featurestore-runtime/src/runtimeConfig.shared.ts b/clients/client-sagemaker-featurestore-runtime/src/runtimeConfig.shared.ts index df48a11ab17af..aee7b01a612a3 100644 --- a/clients/client-sagemaker-featurestore-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-featurestore-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerFeatureStoreRuntimeClientConfig } from "./SageMakerFeatureStoreRuntimeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SageMakerFeatureStoreRuntimeClientConfi disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerFeatureStoreRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SageMaker FeatureStore Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker-featurestore-runtime/src/runtimeExtensions.ts b/clients/client-sagemaker-featurestore-runtime/src/runtimeExtensions.ts index 1cf6cd7974231..98848e2e845b9 100644 --- a/clients/client-sagemaker-featurestore-runtime/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-featurestore-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerFeatureStoreRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-geospatial/package.json b/clients/client-sagemaker-geospatial/package.json index 6a9021f701869..6ca10407cc1ab 100644 --- a/clients/client-sagemaker-geospatial/package.json +++ b/clients/client-sagemaker-geospatial/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-sagemaker-geospatial/src/SageMakerGeospatialClient.ts b/clients/client-sagemaker-geospatial/src/SageMakerGeospatialClient.ts index f82c135b404a8..3e6f76d422c15 100644 --- a/clients/client-sagemaker-geospatial/src/SageMakerGeospatialClient.ts +++ b/clients/client-sagemaker-geospatial/src/SageMakerGeospatialClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerGeospatialHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteEarthObservationJobCommandInput, DeleteEarthObservationJobCommandOutput, @@ -262,21 +267,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -321,8 +327,8 @@ export type SageMakerGeospatialClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -341,8 +347,8 @@ export type SageMakerGeospatialClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -373,8 +379,8 @@ export class SageMakerGeospatialClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -383,8 +389,14 @@ export class SageMakerGeospatialClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -395,4 +407,13 @@ export class SageMakerGeospatialClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerGeospatialHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerGeospatialClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-geospatial/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-geospatial/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b03b8201d4451 --- /dev/null +++ b/clients/client-sagemaker-geospatial/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerGeospatialHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerGeospatialHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerGeospatialHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerGeospatialHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerGeospatialHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerGeospatialHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-geospatial/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-geospatial/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0cc7eab7430d5 --- /dev/null +++ b/clients/client-sagemaker-geospatial/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SageMakerGeospatialClientConfig, SageMakerGeospatialClientResolvedConfig } from "../SageMakerGeospatialClient"; + +/** + * @internal + */ +export interface SageMakerGeospatialHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerGeospatialHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerGeospatialClientResolvedConfig, + HandlerExecutionContext, + SageMakerGeospatialHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerGeospatialHttpAuthSchemeParametersProvider = async ( + config: SageMakerGeospatialClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SageMakerGeospatialHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker-geospatial", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerGeospatialClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerGeospatialHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerGeospatialHttpAuthSchemeProvider: SageMakerGeospatialHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerGeospatialHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerGeospatialHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-geospatial/src/extensionConfiguration.ts b/clients/client-sagemaker-geospatial/src/extensionConfiguration.ts index e107787fc504c..8e12aa6e2ce2a 100644 --- a/clients/client-sagemaker-geospatial/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-geospatial/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerGeospatialExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-geospatial/src/runtimeConfig.shared.ts b/clients/client-sagemaker-geospatial/src/runtimeConfig.shared.ts index 18907fecd3bc8..deef2c0d0b2bd 100644 --- a/clients/client-sagemaker-geospatial/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-geospatial/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerGeospatialHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerGeospatialClientConfig } from "./SageMakerGeospatialClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: SageMakerGeospatialClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerGeospatialHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "SageMaker Geospatial", diff --git a/clients/client-sagemaker-geospatial/src/runtimeExtensions.ts b/clients/client-sagemaker-geospatial/src/runtimeExtensions.ts index 71cd3197f1410..2713f2b2d7999 100644 --- a/clients/client-sagemaker-geospatial/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-geospatial/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerGeospatialExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-metrics/package.json b/clients/client-sagemaker-metrics/package.json index 4add78a9ece3f..f60f0586d21fc 100644 --- a/clients/client-sagemaker-metrics/package.json +++ b/clients/client-sagemaker-metrics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sagemaker-metrics/src/SageMakerMetricsClient.ts b/clients/client-sagemaker-metrics/src/SageMakerMetricsClient.ts index ed7ce4e38eab6..ea0fb97cff4f3 100644 --- a/clients/client-sagemaker-metrics/src/SageMakerMetricsClient.ts +++ b/clients/client-sagemaker-metrics/src/SageMakerMetricsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerMetricsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchPutMetricsCommandInput, BatchPutMetricsCommandOutput } from "./commands/BatchPutMetricsCommand"; import { ClientInputEndpointParameters, @@ -157,21 +162,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -210,8 +216,8 @@ export type SageMakerMetricsClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -230,8 +236,8 @@ export type SageMakerMetricsClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -270,8 +276,8 @@ export class SageMakerMetricsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -280,8 +286,14 @@ export class SageMakerMetricsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -292,4 +304,13 @@ export class SageMakerMetricsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerMetricsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerMetricsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-metrics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-metrics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..6e2035422c219 --- /dev/null +++ b/clients/client-sagemaker-metrics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerMetricsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerMetricsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerMetricsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerMetricsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerMetricsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerMetricsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-metrics/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-metrics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..99fcda95ae605 --- /dev/null +++ b/clients/client-sagemaker-metrics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SageMakerMetricsClientConfig, SageMakerMetricsClientResolvedConfig } from "../SageMakerMetricsClient"; + +/** + * @internal + */ +export interface SageMakerMetricsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerMetricsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerMetricsClientResolvedConfig, + HandlerExecutionContext, + SageMakerMetricsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerMetricsHttpAuthSchemeParametersProvider = async ( + config: SageMakerMetricsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SageMakerMetricsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerMetricsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerMetricsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerMetricsHttpAuthSchemeProvider: SageMakerMetricsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerMetricsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerMetricsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-metrics/src/extensionConfiguration.ts b/clients/client-sagemaker-metrics/src/extensionConfiguration.ts index 972e98dc56b45..512c8934f6e09 100644 --- a/clients/client-sagemaker-metrics/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-metrics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerMetricsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-metrics/src/runtimeConfig.shared.ts b/clients/client-sagemaker-metrics/src/runtimeConfig.shared.ts index c48d340686bad..f1655366ec4ff 100644 --- a/clients/client-sagemaker-metrics/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-metrics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerMetricsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerMetricsClientConfig } from "./SageMakerMetricsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SageMakerMetricsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerMetricsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SageMaker Metrics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker-metrics/src/runtimeExtensions.ts b/clients/client-sagemaker-metrics/src/runtimeExtensions.ts index d55ad113b58a0..4217f985b3dfd 100644 --- a/clients/client-sagemaker-metrics/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-metrics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerMetricsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker-runtime/package.json b/clients/client-sagemaker-runtime/package.json index 982f53b10ac23..1c9147a8f5d91 100644 --- a/clients/client-sagemaker-runtime/package.json +++ b/clients/client-sagemaker-runtime/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -56,8 +55,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-sagemaker-runtime/src/SageMakerRuntimeClient.ts b/clients/client-sagemaker-runtime/src/SageMakerRuntimeClient.ts index b168b0c293349..996d869bea14d 100644 --- a/clients/client-sagemaker-runtime/src/SageMakerRuntimeClient.ts +++ b/clients/client-sagemaker-runtime/src/SageMakerRuntimeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { EventStreamSerdeInputConfig, EventStreamSerdeResolvedConfig, @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -54,6 +53,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerRuntimeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { InvokeEndpointAsyncCommandInput, InvokeEndpointAsyncCommandOutput, @@ -177,21 +182,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -235,9 +241,9 @@ export type SageMakerRuntimeClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & EventStreamSerdeInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -256,9 +262,9 @@ export type SageMakerRuntimeClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & EventStreamSerdeResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -289,9 +295,9 @@ export class SageMakerRuntimeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); - const _config_8 = resolveEventStreamSerdeConfig(_config_7); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveEventStreamSerdeConfig(_config_6); + const _config_8 = resolveHttpAuthSchemeConfig(_config_7); const _config_9 = resolveRuntimeExtensions(_config_8, configuration?.extensions || []); super(_config_9); this.config = _config_9; @@ -300,8 +306,14 @@ export class SageMakerRuntimeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -312,4 +324,13 @@ export class SageMakerRuntimeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerRuntimeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerRuntimeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker-runtime/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker-runtime/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..76e3cc65bfbe7 --- /dev/null +++ b/clients/client-sagemaker-runtime/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerRuntimeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerRuntimeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerRuntimeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerRuntimeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerRuntimeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerRuntimeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker-runtime/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker-runtime/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..dc31237dc7f4a --- /dev/null +++ b/clients/client-sagemaker-runtime/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SageMakerRuntimeClientConfig, SageMakerRuntimeClientResolvedConfig } from "../SageMakerRuntimeClient"; + +/** + * @internal + */ +export interface SageMakerRuntimeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerRuntimeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerRuntimeClientResolvedConfig, + HandlerExecutionContext, + SageMakerRuntimeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerRuntimeHttpAuthSchemeParametersProvider = async ( + config: SageMakerRuntimeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SageMakerRuntimeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerRuntimeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerRuntimeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerRuntimeHttpAuthSchemeProvider: SageMakerRuntimeHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerRuntimeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker-runtime/src/extensionConfiguration.ts b/clients/client-sagemaker-runtime/src/extensionConfiguration.ts index 5a65ef02e8b38..f38d90e1efd4b 100644 --- a/clients/client-sagemaker-runtime/src/extensionConfiguration.ts +++ b/clients/client-sagemaker-runtime/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerRuntimeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker-runtime/src/runtimeConfig.shared.ts b/clients/client-sagemaker-runtime/src/runtimeConfig.shared.ts index f01b0c5eee9cc..3dc390f35833b 100644 --- a/clients/client-sagemaker-runtime/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker-runtime/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerRuntimeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerRuntimeClientConfig } from "./SageMakerRuntimeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SageMakerRuntimeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerRuntimeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SageMaker Runtime", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker-runtime/src/runtimeExtensions.ts b/clients/client-sagemaker-runtime/src/runtimeExtensions.ts index ef35a22a77b2f..b58d36587b8f8 100644 --- a/clients/client-sagemaker-runtime/src/runtimeExtensions.ts +++ b/clients/client-sagemaker-runtime/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerRuntimeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sagemaker/package.json b/clients/client-sagemaker/package.json index df56d30664289..51b72904c02e1 100644 --- a/clients/client-sagemaker/package.json +++ b/clients/client-sagemaker/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-sagemaker/src/SageMakerClient.ts b/clients/client-sagemaker/src/SageMakerClient.ts index bb47cf7f74759..c31672c2ba086 100644 --- a/clients/client-sagemaker/src/SageMakerClient.ts +++ b/clients/client-sagemaker/src/SageMakerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSageMakerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddAssociationCommandInput, AddAssociationCommandOutput } from "./commands/AddAssociationCommand"; import { AddTagsCommandInput, AddTagsCommandOutput } from "./commands/AddTagsCommand"; import { @@ -1602,21 +1607,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -1655,8 +1661,8 @@ export type SageMakerClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -1675,8 +1681,8 @@ export type SageMakerClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -1722,8 +1728,8 @@ export class SageMakerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -1732,8 +1738,14 @@ export class SageMakerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1744,4 +1756,13 @@ export class SageMakerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSageMakerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SageMakerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sagemaker/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sagemaker/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b9e93ee47d97c --- /dev/null +++ b/clients/client-sagemaker/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SageMakerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SageMakerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SageMakerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SageMakerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SageMakerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sagemaker/src/auth/httpAuthSchemeProvider.ts b/clients/client-sagemaker/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..75be7bad4ebfc --- /dev/null +++ b/clients/client-sagemaker/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SageMakerClientConfig, SageMakerClientResolvedConfig } from "../SageMakerClient"; + +/** + * @internal + */ +export interface SageMakerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SageMakerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SageMakerClientResolvedConfig, + HandlerExecutionContext, + SageMakerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSageMakerHttpAuthSchemeParametersProvider = async ( + config: SageMakerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SageMakerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sagemaker", + region: authParameters.region, + }, + propertiesExtractor: (config: SageMakerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SageMakerHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSageMakerHttpAuthSchemeProvider: SageMakerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SageMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SageMakerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sagemaker/src/extensionConfiguration.ts b/clients/client-sagemaker/src/extensionConfiguration.ts index 97e1e9c1a44fa..0358e5de7432c 100644 --- a/clients/client-sagemaker/src/extensionConfiguration.ts +++ b/clients/client-sagemaker/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SageMakerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sagemaker/src/runtimeConfig.shared.ts b/clients/client-sagemaker/src/runtimeConfig.shared.ts index 9e2cd085c76ab..3da4140fd53ee 100644 --- a/clients/client-sagemaker/src/runtimeConfig.shared.ts +++ b/clients/client-sagemaker/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSageMakerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SageMakerClientConfig } from "./SageMakerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SageMakerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSageMakerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SageMaker", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sagemaker/src/runtimeExtensions.ts b/clients/client-sagemaker/src/runtimeExtensions.ts index 8883bcdf1f626..a61fa4d00a99e 100644 --- a/clients/client-sagemaker/src/runtimeExtensions.ts +++ b/clients/client-sagemaker/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SageMakerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-savingsplans/package.json b/clients/client-savingsplans/package.json index 1baf673cfefc5..d0fff9e3dd45e 100644 --- a/clients/client-savingsplans/package.json +++ b/clients/client-savingsplans/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-savingsplans/src/SavingsplansClient.ts b/clients/client-savingsplans/src/SavingsplansClient.ts index 9f1af0b49de08..8ef69c488cdaa 100644 --- a/clients/client-savingsplans/src/SavingsplansClient.ts +++ b/clients/client-savingsplans/src/SavingsplansClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSavingsplansHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSavingsPlanCommandInput, CreateSavingsPlanCommandOutput } from "./commands/CreateSavingsPlanCommand"; import { DeleteQueuedSavingsPlanCommandInput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type SavingsplansClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type SavingsplansClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -309,8 +315,8 @@ export class SavingsplansClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -319,8 +325,14 @@ export class SavingsplansClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -331,4 +343,13 @@ export class SavingsplansClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSavingsplansHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SavingsplansClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-savingsplans/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-savingsplans/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f7a1318535701 --- /dev/null +++ b/clients/client-savingsplans/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SavingsplansHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SavingsplansHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SavingsplansHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SavingsplansHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SavingsplansHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SavingsplansHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-savingsplans/src/auth/httpAuthSchemeProvider.ts b/clients/client-savingsplans/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..091a086ebcbd9 --- /dev/null +++ b/clients/client-savingsplans/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SavingsplansClientConfig, SavingsplansClientResolvedConfig } from "../SavingsplansClient"; + +/** + * @internal + */ +export interface SavingsplansHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SavingsplansHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SavingsplansClientResolvedConfig, + HandlerExecutionContext, + SavingsplansHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSavingsplansHttpAuthSchemeParametersProvider = async ( + config: SavingsplansClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SavingsplansHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "savingsplans", + region: authParameters.region, + }, + propertiesExtractor: (config: SavingsplansClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SavingsplansHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSavingsplansHttpAuthSchemeProvider: SavingsplansHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SavingsplansHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SavingsplansHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-savingsplans/src/extensionConfiguration.ts b/clients/client-savingsplans/src/extensionConfiguration.ts index 4c1288609a7a7..408f4416d9293 100644 --- a/clients/client-savingsplans/src/extensionConfiguration.ts +++ b/clients/client-savingsplans/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SavingsplansExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-savingsplans/src/runtimeConfig.shared.ts b/clients/client-savingsplans/src/runtimeConfig.shared.ts index acea5c6d0320d..dba4c823eb682 100644 --- a/clients/client-savingsplans/src/runtimeConfig.shared.ts +++ b/clients/client-savingsplans/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSavingsplansHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SavingsplansClientConfig } from "./SavingsplansClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SavingsplansClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSavingsplansHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "savingsplans", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-savingsplans/src/runtimeExtensions.ts b/clients/client-savingsplans/src/runtimeExtensions.ts index f6c431c1daf54..71fce8430ed37 100644 --- a/clients/client-savingsplans/src/runtimeExtensions.ts +++ b/clients/client-savingsplans/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SavingsplansExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-scheduler/package.json b/clients/client-scheduler/package.json index 56e1f32adf254..6f0c7161335bd 100644 --- a/clients/client-scheduler/package.json +++ b/clients/client-scheduler/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-scheduler/src/SchedulerClient.ts b/clients/client-scheduler/src/SchedulerClient.ts index d383a028e5165..7c28acf9c83b6 100644 --- a/clients/client-scheduler/src/SchedulerClient.ts +++ b/clients/client-scheduler/src/SchedulerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSchedulerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateScheduleCommandInput, CreateScheduleCommandOutput } from "./commands/CreateScheduleCommand"; import { CreateScheduleGroupCommandInput, @@ -201,21 +206,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -254,8 +260,8 @@ export type SchedulerClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -274,8 +280,8 @@ export type SchedulerClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export class SchedulerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -320,8 +326,14 @@ export class SchedulerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -332,4 +344,13 @@ export class SchedulerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSchedulerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SchedulerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-scheduler/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-scheduler/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..45a458bfae855 --- /dev/null +++ b/clients/client-scheduler/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SchedulerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SchedulerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SchedulerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SchedulerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SchedulerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SchedulerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-scheduler/src/auth/httpAuthSchemeProvider.ts b/clients/client-scheduler/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f4f3e62107ace --- /dev/null +++ b/clients/client-scheduler/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SchedulerClientConfig, SchedulerClientResolvedConfig } from "../SchedulerClient"; + +/** + * @internal + */ +export interface SchedulerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SchedulerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SchedulerClientResolvedConfig, + HandlerExecutionContext, + SchedulerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSchedulerHttpAuthSchemeParametersProvider = async ( + config: SchedulerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SchedulerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "scheduler", + region: authParameters.region, + }, + propertiesExtractor: (config: SchedulerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SchedulerHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSchedulerHttpAuthSchemeProvider: SchedulerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SchedulerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SchedulerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-scheduler/src/extensionConfiguration.ts b/clients/client-scheduler/src/extensionConfiguration.ts index f188a2bba3e5f..51b692bb0af1a 100644 --- a/clients/client-scheduler/src/extensionConfiguration.ts +++ b/clients/client-scheduler/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SchedulerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-scheduler/src/runtimeConfig.shared.ts b/clients/client-scheduler/src/runtimeConfig.shared.ts index ed49953a09a24..cff1f6eef11a0 100644 --- a/clients/client-scheduler/src/runtimeConfig.shared.ts +++ b/clients/client-scheduler/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSchedulerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SchedulerClientConfig } from "./SchedulerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SchedulerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSchedulerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Scheduler", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-scheduler/src/runtimeExtensions.ts b/clients/client-scheduler/src/runtimeExtensions.ts index 85ef84aaddee4..95fcf683b0155 100644 --- a/clients/client-scheduler/src/runtimeExtensions.ts +++ b/clients/client-scheduler/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SchedulerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-schemas/package.json b/clients/client-schemas/package.json index f35c2ebdf39f8..d17c442bb016d 100644 --- a/clients/client-schemas/package.json +++ b/clients/client-schemas/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-schemas/src/SchemasClient.ts b/clients/client-schemas/src/SchemasClient.ts index 6f68c806d72a5..5d24ab8c2c65a 100644 --- a/clients/client-schemas/src/SchemasClient.ts +++ b/clients/client-schemas/src/SchemasClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSchemasHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateDiscovererCommandInput, CreateDiscovererCommandOutput } from "./commands/CreateDiscovererCommand"; import { CreateRegistryCommandInput, CreateRegistryCommandOutput } from "./commands/CreateRegistryCommand"; import { CreateSchemaCommandInput, CreateSchemaCommandOutput } from "./commands/CreateSchemaCommand"; @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type SchemasClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type SchemasClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -372,8 +378,8 @@ export class SchemasClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -382,8 +388,14 @@ export class SchemasClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -394,4 +406,13 @@ export class SchemasClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSchemasHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SchemasClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-schemas/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-schemas/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e158764aa4731 --- /dev/null +++ b/clients/client-schemas/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SchemasHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SchemasHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SchemasHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SchemasHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SchemasHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SchemasHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-schemas/src/auth/httpAuthSchemeProvider.ts b/clients/client-schemas/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..2cb0e8a38be3c --- /dev/null +++ b/clients/client-schemas/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SchemasClientConfig, SchemasClientResolvedConfig } from "../SchemasClient"; + +/** + * @internal + */ +export interface SchemasHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SchemasHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SchemasClientResolvedConfig, + HandlerExecutionContext, + SchemasHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSchemasHttpAuthSchemeParametersProvider = async ( + config: SchemasClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SchemasHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "schemas", + region: authParameters.region, + }, + propertiesExtractor: (config: SchemasClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SchemasHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSchemasHttpAuthSchemeProvider: SchemasHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SchemasHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SchemasHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-schemas/src/extensionConfiguration.ts b/clients/client-schemas/src/extensionConfiguration.ts index 386095defa997..d9374974607a9 100644 --- a/clients/client-schemas/src/extensionConfiguration.ts +++ b/clients/client-schemas/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SchemasExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-schemas/src/runtimeConfig.shared.ts b/clients/client-schemas/src/runtimeConfig.shared.ts index 5f11c2b60e51b..84592449dd9a2 100644 --- a/clients/client-schemas/src/runtimeConfig.shared.ts +++ b/clients/client-schemas/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSchemasHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SchemasClientConfig } from "./SchemasClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SchemasClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSchemasHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "schemas", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-schemas/src/runtimeExtensions.ts b/clients/client-schemas/src/runtimeExtensions.ts index 636b1816bf420..d6d4e77ec486a 100644 --- a/clients/client-schemas/src/runtimeExtensions.ts +++ b/clients/client-schemas/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SchemasExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-secrets-manager/package.json b/clients/client-secrets-manager/package.json index 9d84ca26a7b15..1999d71b5d6fc 100644 --- a/clients/client-secrets-manager/package.json +++ b/clients/client-secrets-manager/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-secrets-manager/src/SecretsManagerClient.ts b/clients/client-secrets-manager/src/SecretsManagerClient.ts index e1a9b3046e162..e18708db6088c 100644 --- a/clients/client-secrets-manager/src/SecretsManagerClient.ts +++ b/clients/client-secrets-manager/src/SecretsManagerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSecretsManagerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetSecretValueCommandInput, BatchGetSecretValueCommandOutput, @@ -249,21 +254,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -302,8 +308,8 @@ export type SecretsManagerClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export type SecretsManagerClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -379,8 +385,8 @@ export class SecretsManagerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -389,8 +395,14 @@ export class SecretsManagerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -401,4 +413,13 @@ export class SecretsManagerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSecretsManagerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SecretsManagerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-secrets-manager/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-secrets-manager/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..7fe4a7575cb17 --- /dev/null +++ b/clients/client-secrets-manager/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SecretsManagerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecretsManagerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SecretsManagerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SecretsManagerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecretsManagerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SecretsManagerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-secrets-manager/src/auth/httpAuthSchemeProvider.ts b/clients/client-secrets-manager/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3a52e35102438 --- /dev/null +++ b/clients/client-secrets-manager/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SecretsManagerClientConfig, SecretsManagerClientResolvedConfig } from "../SecretsManagerClient"; + +/** + * @internal + */ +export interface SecretsManagerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SecretsManagerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SecretsManagerClientResolvedConfig, + HandlerExecutionContext, + SecretsManagerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSecretsManagerHttpAuthSchemeParametersProvider = async ( + config: SecretsManagerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SecretsManagerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "secretsmanager", + region: authParameters.region, + }, + propertiesExtractor: (config: SecretsManagerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SecretsManagerHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSecretsManagerHttpAuthSchemeProvider: SecretsManagerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SecretsManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SecretsManagerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-secrets-manager/src/extensionConfiguration.ts b/clients/client-secrets-manager/src/extensionConfiguration.ts index 656b157c3f4e5..78ec6af474e01 100644 --- a/clients/client-secrets-manager/src/extensionConfiguration.ts +++ b/clients/client-secrets-manager/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SecretsManagerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-secrets-manager/src/runtimeConfig.shared.ts b/clients/client-secrets-manager/src/runtimeConfig.shared.ts index 94b248235476c..712290805ce11 100644 --- a/clients/client-secrets-manager/src/runtimeConfig.shared.ts +++ b/clients/client-secrets-manager/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSecretsManagerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SecretsManagerClientConfig } from "./SecretsManagerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SecretsManagerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSecretsManagerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Secrets Manager", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-secrets-manager/src/runtimeExtensions.ts b/clients/client-secrets-manager/src/runtimeExtensions.ts index 35ea04afda696..15c9a5d2a99f0 100644 --- a/clients/client-secrets-manager/src/runtimeExtensions.ts +++ b/clients/client-secrets-manager/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SecretsManagerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-securityhub/package.json b/clients/client-securityhub/package.json index f3bb126e0707d..81dedc3fb0258 100644 --- a/clients/client-securityhub/package.json +++ b/clients/client-securityhub/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-securityhub/src/SecurityHubClient.ts b/clients/client-securityhub/src/SecurityHubClient.ts index c94c3dec4285c..06716e8be77f2 100644 --- a/clients/client-securityhub/src/SecurityHubClient.ts +++ b/clients/client-securityhub/src/SecurityHubClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSecurityHubHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptAdministratorInvitationCommandInput, AcceptAdministratorInvitationCommandOutput, @@ -546,21 +551,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -599,8 +605,8 @@ export type SecurityHubClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -619,8 +625,8 @@ export type SecurityHubClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -722,8 +728,8 @@ export class SecurityHubClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -732,8 +738,14 @@ export class SecurityHubClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -744,4 +756,13 @@ export class SecurityHubClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSecurityHubHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SecurityHubClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-securityhub/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-securityhub/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f75690cb9caa7 --- /dev/null +++ b/clients/client-securityhub/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SecurityHubHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecurityHubHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SecurityHubHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SecurityHubHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecurityHubHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SecurityHubHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-securityhub/src/auth/httpAuthSchemeProvider.ts b/clients/client-securityhub/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..37c097fd06339 --- /dev/null +++ b/clients/client-securityhub/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SecurityHubClientConfig, SecurityHubClientResolvedConfig } from "../SecurityHubClient"; + +/** + * @internal + */ +export interface SecurityHubHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SecurityHubHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SecurityHubClientResolvedConfig, + HandlerExecutionContext, + SecurityHubHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSecurityHubHttpAuthSchemeParametersProvider = async ( + config: SecurityHubClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SecurityHubHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "securityhub", + region: authParameters.region, + }, + propertiesExtractor: (config: SecurityHubClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SecurityHubHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSecurityHubHttpAuthSchemeProvider: SecurityHubHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SecurityHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SecurityHubHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-securityhub/src/extensionConfiguration.ts b/clients/client-securityhub/src/extensionConfiguration.ts index f665ab5a1753a..abd16c1d17036 100644 --- a/clients/client-securityhub/src/extensionConfiguration.ts +++ b/clients/client-securityhub/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SecurityHubExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-securityhub/src/runtimeConfig.shared.ts b/clients/client-securityhub/src/runtimeConfig.shared.ts index 206858c2e399c..41a1c899e1173 100644 --- a/clients/client-securityhub/src/runtimeConfig.shared.ts +++ b/clients/client-securityhub/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSecurityHubHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SecurityHubClientConfig } from "./SecurityHubClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SecurityHubClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSecurityHubHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SecurityHub", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-securityhub/src/runtimeExtensions.ts b/clients/client-securityhub/src/runtimeExtensions.ts index 6d2a669286b60..c18ef0166bab6 100644 --- a/clients/client-securityhub/src/runtimeExtensions.ts +++ b/clients/client-securityhub/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SecurityHubExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-securitylake/package.json b/clients/client-securitylake/package.json index 6a727bb044afc..fe552f902aaf5 100644 --- a/clients/client-securitylake/package.json +++ b/clients/client-securitylake/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-securitylake/src/SecurityLakeClient.ts b/clients/client-securitylake/src/SecurityLakeClient.ts index 899442aaf2a14..4c688e2859c8a 100644 --- a/clients/client-securitylake/src/SecurityLakeClient.ts +++ b/clients/client-securitylake/src/SecurityLakeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSecurityLakeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAwsLogSourceCommandInput, CreateAwsLogSourceCommandOutput } from "./commands/CreateAwsLogSourceCommand"; import { CreateCustomLogSourceCommandInput, @@ -297,21 +302,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -350,8 +356,8 @@ export type SecurityLakeClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -370,8 +376,8 @@ export type SecurityLakeClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export class SecurityLakeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -437,8 +443,14 @@ export class SecurityLakeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -449,4 +461,13 @@ export class SecurityLakeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSecurityLakeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SecurityLakeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-securitylake/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-securitylake/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..50d3f9c8d56f0 --- /dev/null +++ b/clients/client-securitylake/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SecurityLakeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecurityLakeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SecurityLakeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SecurityLakeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SecurityLakeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SecurityLakeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-securitylake/src/auth/httpAuthSchemeProvider.ts b/clients/client-securitylake/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..faa20b22cffb1 --- /dev/null +++ b/clients/client-securitylake/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SecurityLakeClientConfig, SecurityLakeClientResolvedConfig } from "../SecurityLakeClient"; + +/** + * @internal + */ +export interface SecurityLakeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SecurityLakeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SecurityLakeClientResolvedConfig, + HandlerExecutionContext, + SecurityLakeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSecurityLakeHttpAuthSchemeParametersProvider = async ( + config: SecurityLakeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SecurityLakeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "securitylake", + region: authParameters.region, + }, + propertiesExtractor: (config: SecurityLakeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SecurityLakeHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSecurityLakeHttpAuthSchemeProvider: SecurityLakeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SecurityLakeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SecurityLakeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-securitylake/src/extensionConfiguration.ts b/clients/client-securitylake/src/extensionConfiguration.ts index fd1ad8abaee67..1090560c1573e 100644 --- a/clients/client-securitylake/src/extensionConfiguration.ts +++ b/clients/client-securitylake/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SecurityLakeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-securitylake/src/runtimeConfig.shared.ts b/clients/client-securitylake/src/runtimeConfig.shared.ts index daa4e56fb46bb..ba39a034ea025 100644 --- a/clients/client-securitylake/src/runtimeConfig.shared.ts +++ b/clients/client-securitylake/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSecurityLakeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SecurityLakeClientConfig } from "./SecurityLakeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SecurityLakeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSecurityLakeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SecurityLake", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-securitylake/src/runtimeExtensions.ts b/clients/client-securitylake/src/runtimeExtensions.ts index 8659cd0a9243d..c421d0d9d92fe 100644 --- a/clients/client-securitylake/src/runtimeExtensions.ts +++ b/clients/client-securitylake/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SecurityLakeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-serverlessapplicationrepository/package.json b/clients/client-serverlessapplicationrepository/package.json index 73b8516ed71fd..6442e6859fc7d 100644 --- a/clients/client-serverlessapplicationrepository/package.json +++ b/clients/client-serverlessapplicationrepository/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-serverlessapplicationrepository/src/ServerlessApplicationRepositoryClient.ts b/clients/client-serverlessapplicationrepository/src/ServerlessApplicationRepositoryClient.ts index c08e9b74400f3..1a28941ba5981 100644 --- a/clients/client-serverlessapplicationrepository/src/ServerlessApplicationRepositoryClient.ts +++ b/clients/client-serverlessapplicationrepository/src/ServerlessApplicationRepositoryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultServerlessApplicationRepositoryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateApplicationCommandInput, CreateApplicationCommandOutput } from "./commands/CreateApplicationCommand"; import { CreateApplicationVersionCommandInput, @@ -222,21 +227,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -275,8 +281,8 @@ export type ServerlessApplicationRepositoryClientConfigType = Partial<__SmithyCo EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -296,8 +302,8 @@ export type ServerlessApplicationRepositoryClientResolvedConfigType = EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -348,8 +354,8 @@ export class ServerlessApplicationRepositoryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -358,8 +364,14 @@ export class ServerlessApplicationRepositoryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -370,4 +382,13 @@ export class ServerlessApplicationRepositoryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultServerlessApplicationRepositoryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ServerlessApplicationRepositoryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-serverlessapplicationrepository/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-serverlessapplicationrepository/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ce426b2e27f40 --- /dev/null +++ b/clients/client-serverlessapplicationrepository/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ServerlessApplicationRepositoryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServerlessApplicationRepositoryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ServerlessApplicationRepositoryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ServerlessApplicationRepositoryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServerlessApplicationRepositoryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ServerlessApplicationRepositoryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-serverlessapplicationrepository/src/auth/httpAuthSchemeProvider.ts b/clients/client-serverlessapplicationrepository/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c35f1d601719d --- /dev/null +++ b/clients/client-serverlessapplicationrepository/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,144 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ServerlessApplicationRepositoryClientConfig, + ServerlessApplicationRepositoryClientResolvedConfig, +} from "../ServerlessApplicationRepositoryClient"; + +/** + * @internal + */ +export interface ServerlessApplicationRepositoryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ServerlessApplicationRepositoryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ServerlessApplicationRepositoryClientResolvedConfig, + HandlerExecutionContext, + ServerlessApplicationRepositoryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultServerlessApplicationRepositoryHttpAuthSchemeParametersProvider = async ( + config: ServerlessApplicationRepositoryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ServerlessApplicationRepositoryHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "serverlessrepo", + region: authParameters.region, + }, + propertiesExtractor: (config: ServerlessApplicationRepositoryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ServerlessApplicationRepositoryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultServerlessApplicationRepositoryHttpAuthSchemeProvider: ServerlessApplicationRepositoryHttpAuthSchemeProvider = + (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; + }; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ServerlessApplicationRepositoryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ServerlessApplicationRepositoryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-serverlessapplicationrepository/src/extensionConfiguration.ts b/clients/client-serverlessapplicationrepository/src/extensionConfiguration.ts index a0268a9331b40..615e15a4d1a63 100644 --- a/clients/client-serverlessapplicationrepository/src/extensionConfiguration.ts +++ b/clients/client-serverlessapplicationrepository/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ServerlessApplicationRepositoryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-serverlessapplicationrepository/src/runtimeConfig.shared.ts b/clients/client-serverlessapplicationrepository/src/runtimeConfig.shared.ts index 228ca78fa7935..66de65e8679d6 100644 --- a/clients/client-serverlessapplicationrepository/src/runtimeConfig.shared.ts +++ b/clients/client-serverlessapplicationrepository/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultServerlessApplicationRepositoryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ServerlessApplicationRepositoryClientConfig } from "./ServerlessApplicationRepositoryClient"; @@ -18,6 +21,15 @@ export const getRuntimeConfig = (config: ServerlessApplicationRepositoryClientCo disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: + config?.httpAuthSchemeProvider ?? defaultServerlessApplicationRepositoryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ServerlessApplicationRepository", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-serverlessapplicationrepository/src/runtimeExtensions.ts b/clients/client-serverlessapplicationrepository/src/runtimeExtensions.ts index 58b4c01cffd26..43ed1f849e12f 100644 --- a/clients/client-serverlessapplicationrepository/src/runtimeExtensions.ts +++ b/clients/client-serverlessapplicationrepository/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ServerlessApplicationRepositoryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-service-catalog-appregistry/package.json b/clients/client-service-catalog-appregistry/package.json index 200956acebf62..ea47efacb39c3 100644 --- a/clients/client-service-catalog-appregistry/package.json +++ b/clients/client-service-catalog-appregistry/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-service-catalog-appregistry/src/ServiceCatalogAppRegistryClient.ts b/clients/client-service-catalog-appregistry/src/ServiceCatalogAppRegistryClient.ts index ddba4de6b1e6a..2510eec019e61 100644 --- a/clients/client-service-catalog-appregistry/src/ServiceCatalogAppRegistryClient.ts +++ b/clients/client-service-catalog-appregistry/src/ServiceCatalogAppRegistryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultServiceCatalogAppRegistryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateAttributeGroupCommandInput, AssociateAttributeGroupCommandOutput, @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type ServiceCatalogAppRegistryClientConfigType = Partial<__SmithyConfigur EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type ServiceCatalogAppRegistryClientResolvedConfigType = __SmithyResolved EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -370,8 +376,8 @@ export class ServiceCatalogAppRegistryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -380,8 +386,14 @@ export class ServiceCatalogAppRegistryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -392,4 +404,13 @@ export class ServiceCatalogAppRegistryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultServiceCatalogAppRegistryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ServiceCatalogAppRegistryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-service-catalog-appregistry/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-service-catalog-appregistry/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..197d8c18a7c76 --- /dev/null +++ b/clients/client-service-catalog-appregistry/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ServiceCatalogAppRegistryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceCatalogAppRegistryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ServiceCatalogAppRegistryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ServiceCatalogAppRegistryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceCatalogAppRegistryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ServiceCatalogAppRegistryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-service-catalog-appregistry/src/auth/httpAuthSchemeProvider.ts b/clients/client-service-catalog-appregistry/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b4d9c80ad1a14 --- /dev/null +++ b/clients/client-service-catalog-appregistry/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + ServiceCatalogAppRegistryClientConfig, + ServiceCatalogAppRegistryClientResolvedConfig, +} from "../ServiceCatalogAppRegistryClient"; + +/** + * @internal + */ +export interface ServiceCatalogAppRegistryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ServiceCatalogAppRegistryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ServiceCatalogAppRegistryClientResolvedConfig, + HandlerExecutionContext, + ServiceCatalogAppRegistryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultServiceCatalogAppRegistryHttpAuthSchemeParametersProvider = async ( + config: ServiceCatalogAppRegistryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: ServiceCatalogAppRegistryHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "servicecatalog", + region: authParameters.region, + }, + propertiesExtractor: (config: ServiceCatalogAppRegistryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ServiceCatalogAppRegistryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultServiceCatalogAppRegistryHttpAuthSchemeProvider: ServiceCatalogAppRegistryHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ServiceCatalogAppRegistryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ServiceCatalogAppRegistryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-service-catalog-appregistry/src/extensionConfiguration.ts b/clients/client-service-catalog-appregistry/src/extensionConfiguration.ts index 2fc48c6e0f403..ce0bfb05a51f3 100644 --- a/clients/client-service-catalog-appregistry/src/extensionConfiguration.ts +++ b/clients/client-service-catalog-appregistry/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ServiceCatalogAppRegistryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-service-catalog-appregistry/src/runtimeConfig.shared.ts b/clients/client-service-catalog-appregistry/src/runtimeConfig.shared.ts index 77ca718740653..a305f11a73a2a 100644 --- a/clients/client-service-catalog-appregistry/src/runtimeConfig.shared.ts +++ b/clients/client-service-catalog-appregistry/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultServiceCatalogAppRegistryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ServiceCatalogAppRegistryClientConfig } from "./ServiceCatalogAppRegistryClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ServiceCatalogAppRegistryClientConfig) disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultServiceCatalogAppRegistryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Service Catalog AppRegistry", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-service-catalog-appregistry/src/runtimeExtensions.ts b/clients/client-service-catalog-appregistry/src/runtimeExtensions.ts index dba16cb78c422..c8921e1569804 100644 --- a/clients/client-service-catalog-appregistry/src/runtimeExtensions.ts +++ b/clients/client-service-catalog-appregistry/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ServiceCatalogAppRegistryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-service-catalog/package.json b/clients/client-service-catalog/package.json index 1f41915cd3a4b..e4d520eed0d34 100644 --- a/clients/client-service-catalog/package.json +++ b/clients/client-service-catalog/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-service-catalog/src/ServiceCatalogClient.ts b/clients/client-service-catalog/src/ServiceCatalogClient.ts index fcd4a412a8cc5..d2fb991db5df1 100644 --- a/clients/client-service-catalog/src/ServiceCatalogClient.ts +++ b/clients/client-service-catalog/src/ServiceCatalogClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultServiceCatalogHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptPortfolioShareCommandInput, AcceptPortfolioShareCommandOutput, @@ -621,21 +626,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -674,8 +680,8 @@ export type ServiceCatalogClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -694,8 +700,8 @@ export type ServiceCatalogClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -732,8 +738,8 @@ export class ServiceCatalogClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -742,8 +748,14 @@ export class ServiceCatalogClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -754,4 +766,13 @@ export class ServiceCatalogClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultServiceCatalogHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ServiceCatalogClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-service-catalog/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-service-catalog/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a54d728136ef0 --- /dev/null +++ b/clients/client-service-catalog/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ServiceCatalogHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceCatalogHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ServiceCatalogHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ServiceCatalogHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceCatalogHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ServiceCatalogHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-service-catalog/src/auth/httpAuthSchemeProvider.ts b/clients/client-service-catalog/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a38c498946785 --- /dev/null +++ b/clients/client-service-catalog/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ServiceCatalogClientConfig, ServiceCatalogClientResolvedConfig } from "../ServiceCatalogClient"; + +/** + * @internal + */ +export interface ServiceCatalogHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ServiceCatalogHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ServiceCatalogClientResolvedConfig, + HandlerExecutionContext, + ServiceCatalogHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultServiceCatalogHttpAuthSchemeParametersProvider = async ( + config: ServiceCatalogClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ServiceCatalogHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "servicecatalog", + region: authParameters.region, + }, + propertiesExtractor: (config: ServiceCatalogClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ServiceCatalogHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultServiceCatalogHttpAuthSchemeProvider: ServiceCatalogHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ServiceCatalogHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ServiceCatalogHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-service-catalog/src/extensionConfiguration.ts b/clients/client-service-catalog/src/extensionConfiguration.ts index e7ccfa70823b5..3a3309f4a94bf 100644 --- a/clients/client-service-catalog/src/extensionConfiguration.ts +++ b/clients/client-service-catalog/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ServiceCatalogExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-service-catalog/src/runtimeConfig.shared.ts b/clients/client-service-catalog/src/runtimeConfig.shared.ts index 6a47c6ab5e0ec..818499ee9ef0d 100644 --- a/clients/client-service-catalog/src/runtimeConfig.shared.ts +++ b/clients/client-service-catalog/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultServiceCatalogHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ServiceCatalogClientConfig } from "./ServiceCatalogClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ServiceCatalogClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultServiceCatalogHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Service Catalog", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-service-catalog/src/runtimeExtensions.ts b/clients/client-service-catalog/src/runtimeExtensions.ts index 0e10afc85c0ad..2317243c0f160 100644 --- a/clients/client-service-catalog/src/runtimeExtensions.ts +++ b/clients/client-service-catalog/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ServiceCatalogExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-service-quotas/package.json b/clients/client-service-quotas/package.json index ac1fb55056a7c..80e2784753f08 100644 --- a/clients/client-service-quotas/package.json +++ b/clients/client-service-quotas/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-service-quotas/src/ServiceQuotasClient.ts b/clients/client-service-quotas/src/ServiceQuotasClient.ts index eec91cb3e1f4e..0e2eeeaad5083 100644 --- a/clients/client-service-quotas/src/ServiceQuotasClient.ts +++ b/clients/client-service-quotas/src/ServiceQuotasClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultServiceQuotasHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateServiceQuotaTemplateCommandInput, AssociateServiceQuotaTemplateCommandOutput, @@ -255,21 +260,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -308,8 +314,8 @@ export type ServiceQuotasClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -328,8 +334,8 @@ export type ServiceQuotasClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -362,8 +368,8 @@ export class ServiceQuotasClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -372,8 +378,14 @@ export class ServiceQuotasClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -384,4 +396,13 @@ export class ServiceQuotasClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultServiceQuotasHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ServiceQuotasClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-service-quotas/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-service-quotas/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3a962f0e63d2a --- /dev/null +++ b/clients/client-service-quotas/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ServiceQuotasHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceQuotasHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ServiceQuotasHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ServiceQuotasHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceQuotasHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ServiceQuotasHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-service-quotas/src/auth/httpAuthSchemeProvider.ts b/clients/client-service-quotas/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c345b561d6fab --- /dev/null +++ b/clients/client-service-quotas/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ServiceQuotasClientConfig, ServiceQuotasClientResolvedConfig } from "../ServiceQuotasClient"; + +/** + * @internal + */ +export interface ServiceQuotasHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ServiceQuotasHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ServiceQuotasClientResolvedConfig, + HandlerExecutionContext, + ServiceQuotasHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultServiceQuotasHttpAuthSchemeParametersProvider = async ( + config: ServiceQuotasClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ServiceQuotasHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "servicequotas", + region: authParameters.region, + }, + propertiesExtractor: (config: ServiceQuotasClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ServiceQuotasHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultServiceQuotasHttpAuthSchemeProvider: ServiceQuotasHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ServiceQuotasHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ServiceQuotasHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-service-quotas/src/extensionConfiguration.ts b/clients/client-service-quotas/src/extensionConfiguration.ts index 361da1165bedc..9baae50b460e4 100644 --- a/clients/client-service-quotas/src/extensionConfiguration.ts +++ b/clients/client-service-quotas/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ServiceQuotasExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-service-quotas/src/runtimeConfig.shared.ts b/clients/client-service-quotas/src/runtimeConfig.shared.ts index 636b3d52dc60f..88db35033ea61 100644 --- a/clients/client-service-quotas/src/runtimeConfig.shared.ts +++ b/clients/client-service-quotas/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultServiceQuotasHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ServiceQuotasClientConfig } from "./ServiceQuotasClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ServiceQuotasClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultServiceQuotasHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Service Quotas", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-service-quotas/src/runtimeExtensions.ts b/clients/client-service-quotas/src/runtimeExtensions.ts index 15d761cef2381..9fcd23dc9eca7 100644 --- a/clients/client-service-quotas/src/runtimeExtensions.ts +++ b/clients/client-service-quotas/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ServiceQuotasExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-servicediscovery/package.json b/clients/client-servicediscovery/package.json index 55127fc57c4dc..7f0a8431fdfeb 100644 --- a/clients/client-servicediscovery/package.json +++ b/clients/client-servicediscovery/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-servicediscovery/src/ServiceDiscoveryClient.ts b/clients/client-servicediscovery/src/ServiceDiscoveryClient.ts index c0090599ab34b..4203d11463565 100644 --- a/clients/client-servicediscovery/src/ServiceDiscoveryClient.ts +++ b/clients/client-servicediscovery/src/ServiceDiscoveryClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultServiceDiscoveryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateHttpNamespaceCommandInput, CreateHttpNamespaceCommandOutput, @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type ServiceDiscoveryClientConfigType = Partial<__SmithyConfiguration<__H EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type ServiceDiscoveryClientResolvedConfigType = __SmithyResolvedConfigura EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -378,8 +384,8 @@ export class ServiceDiscoveryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -388,8 +394,14 @@ export class ServiceDiscoveryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -400,4 +412,13 @@ export class ServiceDiscoveryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultServiceDiscoveryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ServiceDiscoveryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-servicediscovery/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-servicediscovery/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ee3ff6c9fc76c --- /dev/null +++ b/clients/client-servicediscovery/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ServiceDiscoveryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceDiscoveryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ServiceDiscoveryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ServiceDiscoveryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ServiceDiscoveryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ServiceDiscoveryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-servicediscovery/src/auth/httpAuthSchemeProvider.ts b/clients/client-servicediscovery/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..60ec59861db65 --- /dev/null +++ b/clients/client-servicediscovery/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ServiceDiscoveryClientConfig, ServiceDiscoveryClientResolvedConfig } from "../ServiceDiscoveryClient"; + +/** + * @internal + */ +export interface ServiceDiscoveryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ServiceDiscoveryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ServiceDiscoveryClientResolvedConfig, + HandlerExecutionContext, + ServiceDiscoveryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultServiceDiscoveryHttpAuthSchemeParametersProvider = async ( + config: ServiceDiscoveryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ServiceDiscoveryHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "servicediscovery", + region: authParameters.region, + }, + propertiesExtractor: (config: ServiceDiscoveryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ServiceDiscoveryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultServiceDiscoveryHttpAuthSchemeProvider: ServiceDiscoveryHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ServiceDiscoveryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ServiceDiscoveryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-servicediscovery/src/extensionConfiguration.ts b/clients/client-servicediscovery/src/extensionConfiguration.ts index c72a328534401..3351b6f48e6bc 100644 --- a/clients/client-servicediscovery/src/extensionConfiguration.ts +++ b/clients/client-servicediscovery/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ServiceDiscoveryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-servicediscovery/src/runtimeConfig.shared.ts b/clients/client-servicediscovery/src/runtimeConfig.shared.ts index d2df61f6d93ec..bdfecdb4d83fe 100644 --- a/clients/client-servicediscovery/src/runtimeConfig.shared.ts +++ b/clients/client-servicediscovery/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultServiceDiscoveryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ServiceDiscoveryClientConfig } from "./ServiceDiscoveryClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ServiceDiscoveryClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultServiceDiscoveryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "ServiceDiscovery", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-servicediscovery/src/runtimeExtensions.ts b/clients/client-servicediscovery/src/runtimeExtensions.ts index af059e94b7d8c..9a14e34c2de9b 100644 --- a/clients/client-servicediscovery/src/runtimeExtensions.ts +++ b/clients/client-servicediscovery/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ServiceDiscoveryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ses/package.json b/clients/client-ses/package.json index f417296d9b0a3..b673482d9e575 100644 --- a/clients/client-ses/package.json +++ b/clients/client-ses/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-ses/src/SESClient.ts b/clients/client-ses/src/SESClient.ts index 3dd0b0bab48f9..dc6b1cd6b69e9 100644 --- a/clients/client-ses/src/SESClient.ts +++ b/clients/client-ses/src/SESClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSESHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CloneReceiptRuleSetCommandInput, CloneReceiptRuleSetCommandOutput, @@ -519,21 +524,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -572,8 +578,8 @@ export type SESClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -592,8 +598,8 @@ export type SESClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -657,8 +663,8 @@ export class SESClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -667,8 +673,14 @@ export class SESClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -679,4 +691,13 @@ export class SESClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSESHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SESClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ses/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ses/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..29ee5b3d5f862 --- /dev/null +++ b/clients/client-ses/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SESHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SESHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SESHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SESHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SESHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SESHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ses/src/auth/httpAuthSchemeProvider.ts b/clients/client-ses/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fbe33d9783c5b --- /dev/null +++ b/clients/client-ses/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SESClientConfig, SESClientResolvedConfig } from "../SESClient"; + +/** + * @internal + */ +export interface SESHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SESHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SESClientResolvedConfig, + HandlerExecutionContext, + SESHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSESHttpAuthSchemeParametersProvider = async ( + config: SESClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SESHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ses", + region: authParameters.region, + }, + propertiesExtractor: (config: SESClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SESHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSESHttpAuthSchemeProvider: SESHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SESHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SESHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ses/src/extensionConfiguration.ts b/clients/client-ses/src/extensionConfiguration.ts index 31440a08e8f80..7dfbb23a91d81 100644 --- a/clients/client-ses/src/extensionConfiguration.ts +++ b/clients/client-ses/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SESExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ses/src/runtimeConfig.shared.ts b/clients/client-ses/src/runtimeConfig.shared.ts index 61daaa94d7db4..1f5ec8f6f0dc8 100644 --- a/clients/client-ses/src/runtimeConfig.shared.ts +++ b/clients/client-ses/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSESHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SESClientConfig } from "./SESClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SESClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSESHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SES", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ses/src/runtimeExtensions.ts b/clients/client-ses/src/runtimeExtensions.ts index 0cee160663c60..2ee365dec85d7 100644 --- a/clients/client-ses/src/runtimeExtensions.ts +++ b/clients/client-ses/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SESExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sesv2/package.json b/clients/client-sesv2/package.json index c82ded1fae14f..fac0aaaa2b891 100644 --- a/clients/client-sesv2/package.json +++ b/clients/client-sesv2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sesv2/src/SESv2Client.ts b/clients/client-sesv2/src/SESv2Client.ts index 1350680c4ce8a..7f9a2db70b665 100644 --- a/clients/client-sesv2/src/SESv2Client.ts +++ b/clients/client-sesv2/src/SESv2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSESv2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetMetricDataCommandInput, BatchGetMetricDataCommandOutput } from "./commands/BatchGetMetricDataCommand"; import { CancelExportJobCommandInput, CancelExportJobCommandOutput } from "./commands/CancelExportJobCommand"; import { @@ -615,21 +620,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -668,8 +674,8 @@ export type SESv2ClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -688,8 +694,8 @@ export type SESv2ClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -726,8 +732,8 @@ export class SESv2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -736,8 +742,14 @@ export class SESv2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -748,4 +760,13 @@ export class SESv2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSESv2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SESv2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sesv2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sesv2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1c196ec9d15f4 --- /dev/null +++ b/clients/client-sesv2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SESv2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SESv2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SESv2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SESv2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SESv2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SESv2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sesv2/src/auth/httpAuthSchemeProvider.ts b/clients/client-sesv2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..6a4521ead418d --- /dev/null +++ b/clients/client-sesv2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SESv2ClientConfig, SESv2ClientResolvedConfig } from "../SESv2Client"; + +/** + * @internal + */ +export interface SESv2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SESv2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SESv2ClientResolvedConfig, + HandlerExecutionContext, + SESv2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSESv2HttpAuthSchemeParametersProvider = async ( + config: SESv2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SESv2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ses", + region: authParameters.region, + }, + propertiesExtractor: (config: SESv2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SESv2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSESv2HttpAuthSchemeProvider: SESv2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SESv2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SESv2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sesv2/src/extensionConfiguration.ts b/clients/client-sesv2/src/extensionConfiguration.ts index 237964c86bda9..c1d7679c92077 100644 --- a/clients/client-sesv2/src/extensionConfiguration.ts +++ b/clients/client-sesv2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SESv2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sesv2/src/runtimeConfig.shared.ts b/clients/client-sesv2/src/runtimeConfig.shared.ts index 236882a0fa6e1..e7687653e4a0a 100644 --- a/clients/client-sesv2/src/runtimeConfig.shared.ts +++ b/clients/client-sesv2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSESv2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SESv2ClientConfig } from "./SESv2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SESv2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSESv2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SESv2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sesv2/src/runtimeExtensions.ts b/clients/client-sesv2/src/runtimeExtensions.ts index bd02944d46120..5d6a59f741767 100644 --- a/clients/client-sesv2/src/runtimeExtensions.ts +++ b/clients/client-sesv2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SESv2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sfn/package.json b/clients/client-sfn/package.json index 7fc75da190a8e..4952b26211f09 100644 --- a/clients/client-sfn/package.json +++ b/clients/client-sfn/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-sfn/src/SFNClient.ts b/clients/client-sfn/src/SFNClient.ts index efd02d65bbfb4..48637b150449f 100644 --- a/clients/client-sfn/src/SFNClient.ts +++ b/clients/client-sfn/src/SFNClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSFNHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateActivityCommandInput, CreateActivityCommandOutput } from "./commands/CreateActivityCommand"; import { CreateStateMachineAliasCommandInput, @@ -300,21 +305,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -353,8 +359,8 @@ export type SFNClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -373,8 +379,8 @@ export type SFNClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -423,8 +429,8 @@ export class SFNClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -433,8 +439,14 @@ export class SFNClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -445,4 +457,13 @@ export class SFNClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSFNHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SFNClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sfn/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sfn/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..407f4bcd54358 --- /dev/null +++ b/clients/client-sfn/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SFNHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SFNHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SFNHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SFNHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SFNHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SFNHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sfn/src/auth/httpAuthSchemeProvider.ts b/clients/client-sfn/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4bde8f3fd66ea --- /dev/null +++ b/clients/client-sfn/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SFNClientConfig, SFNClientResolvedConfig } from "../SFNClient"; + +/** + * @internal + */ +export interface SFNHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SFNHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SFNClientResolvedConfig, + HandlerExecutionContext, + SFNHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSFNHttpAuthSchemeParametersProvider = async ( + config: SFNClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SFNHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "states", + region: authParameters.region, + }, + propertiesExtractor: (config: SFNClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SFNHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSFNHttpAuthSchemeProvider: SFNHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SFNHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SFNHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sfn/src/extensionConfiguration.ts b/clients/client-sfn/src/extensionConfiguration.ts index 812e21ab91633..60d0ef0034501 100644 --- a/clients/client-sfn/src/extensionConfiguration.ts +++ b/clients/client-sfn/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SFNExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sfn/src/runtimeConfig.shared.ts b/clients/client-sfn/src/runtimeConfig.shared.ts index b0055dd79253b..3b4d9df3de55b 100644 --- a/clients/client-sfn/src/runtimeConfig.shared.ts +++ b/clients/client-sfn/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSFNHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SFNClientConfig } from "./SFNClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SFNClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSFNHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SFN", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sfn/src/runtimeExtensions.ts b/clients/client-sfn/src/runtimeExtensions.ts index ec4c3bdea5217..db3557dcf7cb2 100644 --- a/clients/client-sfn/src/runtimeExtensions.ts +++ b/clients/client-sfn/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SFNExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-shield/package.json b/clients/client-shield/package.json index e44295042e702..8753852a31e1e 100644 --- a/clients/client-shield/package.json +++ b/clients/client-shield/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-shield/src/ShieldClient.ts b/clients/client-shield/src/ShieldClient.ts index 33dd8823d6970..276669fdf3fb4 100644 --- a/clients/client-shield/src/ShieldClient.ts +++ b/clients/client-shield/src/ShieldClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultShieldHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateDRTLogBucketCommandInput, AssociateDRTLogBucketCommandOutput, @@ -333,21 +338,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -386,8 +392,8 @@ export type ShieldClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -406,8 +412,8 @@ export type ShieldClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -441,8 +447,8 @@ export class ShieldClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -451,8 +457,14 @@ export class ShieldClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -463,4 +475,13 @@ export class ShieldClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultShieldHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: ShieldClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-shield/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-shield/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e207dcb00c0a1 --- /dev/null +++ b/clients/client-shield/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { ShieldHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ShieldHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): ShieldHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: ShieldHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: ShieldHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): ShieldHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-shield/src/auth/httpAuthSchemeProvider.ts b/clients/client-shield/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..79e5e36d12a2f --- /dev/null +++ b/clients/client-shield/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { ShieldClientConfig, ShieldClientResolvedConfig } from "../ShieldClient"; + +/** + * @internal + */ +export interface ShieldHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface ShieldHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + ShieldClientResolvedConfig, + HandlerExecutionContext, + ShieldHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultShieldHttpAuthSchemeParametersProvider = async ( + config: ShieldClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: ShieldHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "shield", + region: authParameters.region, + }, + propertiesExtractor: (config: ShieldClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface ShieldHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultShieldHttpAuthSchemeProvider: ShieldHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: ShieldHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: ShieldHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-shield/src/extensionConfiguration.ts b/clients/client-shield/src/extensionConfiguration.ts index 53a6c02b4c544..e7e45452b0124 100644 --- a/clients/client-shield/src/extensionConfiguration.ts +++ b/clients/client-shield/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface ShieldExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-shield/src/runtimeConfig.shared.ts b/clients/client-shield/src/runtimeConfig.shared.ts index 9cd26d7832ce3..6ba41dfa1ab71 100644 --- a/clients/client-shield/src/runtimeConfig.shared.ts +++ b/clients/client-shield/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultShieldHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { ShieldClientConfig } from "./ShieldClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: ShieldClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultShieldHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Shield", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-shield/src/runtimeExtensions.ts b/clients/client-shield/src/runtimeExtensions.ts index 2d54acb6b1994..67851f86e4dcd 100644 --- a/clients/client-shield/src/runtimeExtensions.ts +++ b/clients/client-shield/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { ShieldExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-signer/package.json b/clients/client-signer/package.json index c4aa0c702ea44..39f0e21008002 100644 --- a/clients/client-signer/package.json +++ b/clients/client-signer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-signer/src/SignerClient.ts b/clients/client-signer/src/SignerClient.ts index 0ed925c31060c..a05bce2e5e08b 100644 --- a/clients/client-signer/src/SignerClient.ts +++ b/clients/client-signer/src/SignerClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSignerHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddProfilePermissionCommandInput, AddProfilePermissionCommandOutput, @@ -240,21 +245,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -293,8 +299,8 @@ export type SignerClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -313,8 +319,8 @@ export type SignerClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -362,8 +368,8 @@ export class SignerClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -372,8 +378,14 @@ export class SignerClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -384,4 +396,13 @@ export class SignerClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSignerHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SignerClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-signer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-signer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..613fea58db7f2 --- /dev/null +++ b/clients/client-signer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SignerHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SignerHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SignerHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SignerHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SignerHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SignerHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-signer/src/auth/httpAuthSchemeProvider.ts b/clients/client-signer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4122d76ba74f3 --- /dev/null +++ b/clients/client-signer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SignerClientConfig, SignerClientResolvedConfig } from "../SignerClient"; + +/** + * @internal + */ +export interface SignerHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SignerHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SignerClientResolvedConfig, + HandlerExecutionContext, + SignerHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSignerHttpAuthSchemeParametersProvider = async ( + config: SignerClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SignerHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "signer", + region: authParameters.region, + }, + propertiesExtractor: (config: SignerClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SignerHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSignerHttpAuthSchemeProvider: SignerHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SignerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SignerHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-signer/src/extensionConfiguration.ts b/clients/client-signer/src/extensionConfiguration.ts index b7767f19c9906..7764005b24ae7 100644 --- a/clients/client-signer/src/extensionConfiguration.ts +++ b/clients/client-signer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SignerExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-signer/src/runtimeConfig.shared.ts b/clients/client-signer/src/runtimeConfig.shared.ts index 2ae9e6821e738..11720f5ea33d3 100644 --- a/clients/client-signer/src/runtimeConfig.shared.ts +++ b/clients/client-signer/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSignerHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SignerClientConfig } from "./SignerClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SignerClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSignerHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "signer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-signer/src/runtimeExtensions.ts b/clients/client-signer/src/runtimeExtensions.ts index 3373b9eaf8bae..db8b55bc1b22d 100644 --- a/clients/client-signer/src/runtimeExtensions.ts +++ b/clients/client-signer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SignerExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-simspaceweaver/package.json b/clients/client-simspaceweaver/package.json index ffb50a5b06bfe..76c6978440e7e 100644 --- a/clients/client-simspaceweaver/package.json +++ b/clients/client-simspaceweaver/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-simspaceweaver/src/SimSpaceWeaverClient.ts b/clients/client-simspaceweaver/src/SimSpaceWeaverClient.ts index 7ceef18fe3561..9ba5e4b4ab645 100644 --- a/clients/client-simspaceweaver/src/SimSpaceWeaverClient.ts +++ b/clients/client-simspaceweaver/src/SimSpaceWeaverClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSimSpaceWeaverHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSnapshotCommandInput, CreateSnapshotCommandOutput } from "./commands/CreateSnapshotCommand"; import { DeleteAppCommandInput, DeleteAppCommandOutput } from "./commands/DeleteAppCommand"; import { DeleteSimulationCommandInput, DeleteSimulationCommandOutput } from "./commands/DeleteSimulationCommand"; @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type SimSpaceWeaverClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type SimSpaceWeaverClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -322,8 +328,8 @@ export class SimSpaceWeaverClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -332,8 +338,14 @@ export class SimSpaceWeaverClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -344,4 +356,13 @@ export class SimSpaceWeaverClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSimSpaceWeaverHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SimSpaceWeaverClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-simspaceweaver/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-simspaceweaver/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..64e8f5545e513 --- /dev/null +++ b/clients/client-simspaceweaver/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SimSpaceWeaverHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SimSpaceWeaverHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SimSpaceWeaverHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SimSpaceWeaverHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SimSpaceWeaverHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SimSpaceWeaverHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-simspaceweaver/src/auth/httpAuthSchemeProvider.ts b/clients/client-simspaceweaver/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..50b549d2c1826 --- /dev/null +++ b/clients/client-simspaceweaver/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SimSpaceWeaverClientConfig, SimSpaceWeaverClientResolvedConfig } from "../SimSpaceWeaverClient"; + +/** + * @internal + */ +export interface SimSpaceWeaverHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SimSpaceWeaverHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SimSpaceWeaverClientResolvedConfig, + HandlerExecutionContext, + SimSpaceWeaverHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSimSpaceWeaverHttpAuthSchemeParametersProvider = async ( + config: SimSpaceWeaverClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SimSpaceWeaverHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "simspaceweaver", + region: authParameters.region, + }, + propertiesExtractor: (config: SimSpaceWeaverClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SimSpaceWeaverHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSimSpaceWeaverHttpAuthSchemeProvider: SimSpaceWeaverHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SimSpaceWeaverHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SimSpaceWeaverHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-simspaceweaver/src/extensionConfiguration.ts b/clients/client-simspaceweaver/src/extensionConfiguration.ts index 07839356e7776..3d22bc14d3070 100644 --- a/clients/client-simspaceweaver/src/extensionConfiguration.ts +++ b/clients/client-simspaceweaver/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SimSpaceWeaverExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-simspaceweaver/src/runtimeConfig.shared.ts b/clients/client-simspaceweaver/src/runtimeConfig.shared.ts index 01452562b9421..48684b7e3decb 100644 --- a/clients/client-simspaceweaver/src/runtimeConfig.shared.ts +++ b/clients/client-simspaceweaver/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSimSpaceWeaverHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SimSpaceWeaverClientConfig } from "./SimSpaceWeaverClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SimSpaceWeaverClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSimSpaceWeaverHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SimSpaceWeaver", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-simspaceweaver/src/runtimeExtensions.ts b/clients/client-simspaceweaver/src/runtimeExtensions.ts index 9b17418ed8e76..16f79ea2153d7 100644 --- a/clients/client-simspaceweaver/src/runtimeExtensions.ts +++ b/clients/client-simspaceweaver/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SimSpaceWeaverExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sms/package.json b/clients/client-sms/package.json index b4b29cbf97b63..008b302e28882 100644 --- a/clients/client-sms/package.json +++ b/clients/client-sms/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sms/src/SMSClient.ts b/clients/client-sms/src/SMSClient.ts index ca42374dda54b..2b9c68dc45d10 100644 --- a/clients/client-sms/src/SMSClient.ts +++ b/clients/client-sms/src/SMSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSMSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAppCommandInput, CreateAppCommandOutput } from "./commands/CreateAppCommand"; import { CreateReplicationJobCommandInput, @@ -321,21 +326,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -374,8 +380,8 @@ export type SMSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -394,8 +400,8 @@ export type SMSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -452,8 +458,8 @@ export class SMSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -462,8 +468,14 @@ export class SMSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -474,4 +486,13 @@ export class SMSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSMSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SMSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sms/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sms/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..abdb491bf5db8 --- /dev/null +++ b/clients/client-sms/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SMSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SMSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SMSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SMSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SMSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SMSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sms/src/auth/httpAuthSchemeProvider.ts b/clients/client-sms/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3f486284d1933 --- /dev/null +++ b/clients/client-sms/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SMSClientConfig, SMSClientResolvedConfig } from "../SMSClient"; + +/** + * @internal + */ +export interface SMSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SMSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SMSClientResolvedConfig, + HandlerExecutionContext, + SMSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSMSHttpAuthSchemeParametersProvider = async ( + config: SMSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SMSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sms", + region: authParameters.region, + }, + propertiesExtractor: (config: SMSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SMSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSMSHttpAuthSchemeProvider: SMSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SMSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sms/src/extensionConfiguration.ts b/clients/client-sms/src/extensionConfiguration.ts index 22791ad36e60f..ef58b6a0f645a 100644 --- a/clients/client-sms/src/extensionConfiguration.ts +++ b/clients/client-sms/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SMSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sms/src/runtimeConfig.shared.ts b/clients/client-sms/src/runtimeConfig.shared.ts index 1b49826ec4299..e773ff85028f9 100644 --- a/clients/client-sms/src/runtimeConfig.shared.ts +++ b/clients/client-sms/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSMSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SMSClientConfig } from "./SMSClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SMSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSMSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SMS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sms/src/runtimeExtensions.ts b/clients/client-sms/src/runtimeExtensions.ts index e1e9a211fd107..d357de21edab0 100644 --- a/clients/client-sms/src/runtimeExtensions.ts +++ b/clients/client-sms/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SMSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-snow-device-management/package.json b/clients/client-snow-device-management/package.json index cdf7714578a49..1995dbb62d928 100644 --- a/clients/client-snow-device-management/package.json +++ b/clients/client-snow-device-management/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-snow-device-management/src/SnowDeviceManagementClient.ts b/clients/client-snow-device-management/src/SnowDeviceManagementClient.ts index 0dcdfa9429986..ed1ffd048b111 100644 --- a/clients/client-snow-device-management/src/SnowDeviceManagementClient.ts +++ b/clients/client-snow-device-management/src/SnowDeviceManagementClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSnowDeviceManagementHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelTaskCommandInput, CancelTaskCommandOutput } from "./commands/CancelTaskCommand"; import { CreateTaskCommandInput, CreateTaskCommandOutput } from "./commands/CreateTaskCommand"; import { DescribeDeviceCommandInput, DescribeDeviceCommandOutput } from "./commands/DescribeDeviceCommand"; @@ -204,21 +209,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -257,8 +263,8 @@ export type SnowDeviceManagementClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -277,8 +283,8 @@ export type SnowDeviceManagementClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -309,8 +315,8 @@ export class SnowDeviceManagementClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -319,8 +325,14 @@ export class SnowDeviceManagementClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -331,4 +343,13 @@ export class SnowDeviceManagementClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSnowDeviceManagementHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SnowDeviceManagementClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-snow-device-management/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-snow-device-management/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4c9a362bef585 --- /dev/null +++ b/clients/client-snow-device-management/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SnowDeviceManagementHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SnowDeviceManagementHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SnowDeviceManagementHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SnowDeviceManagementHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SnowDeviceManagementHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SnowDeviceManagementHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-snow-device-management/src/auth/httpAuthSchemeProvider.ts b/clients/client-snow-device-management/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..49a4c208b9b44 --- /dev/null +++ b/clients/client-snow-device-management/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + SnowDeviceManagementClientConfig, + SnowDeviceManagementClientResolvedConfig, +} from "../SnowDeviceManagementClient"; + +/** + * @internal + */ +export interface SnowDeviceManagementHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SnowDeviceManagementHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SnowDeviceManagementClientResolvedConfig, + HandlerExecutionContext, + SnowDeviceManagementHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSnowDeviceManagementHttpAuthSchemeParametersProvider = async ( + config: SnowDeviceManagementClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: SnowDeviceManagementHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "snow-device-management", + region: authParameters.region, + }, + propertiesExtractor: (config: SnowDeviceManagementClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SnowDeviceManagementHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSnowDeviceManagementHttpAuthSchemeProvider: SnowDeviceManagementHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SnowDeviceManagementHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SnowDeviceManagementHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-snow-device-management/src/extensionConfiguration.ts b/clients/client-snow-device-management/src/extensionConfiguration.ts index ea63a7e71b573..ed1656d6f3301 100644 --- a/clients/client-snow-device-management/src/extensionConfiguration.ts +++ b/clients/client-snow-device-management/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SnowDeviceManagementExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-snow-device-management/src/runtimeConfig.shared.ts b/clients/client-snow-device-management/src/runtimeConfig.shared.ts index 01ef9fc7d4828..665e02292a4d0 100644 --- a/clients/client-snow-device-management/src/runtimeConfig.shared.ts +++ b/clients/client-snow-device-management/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSnowDeviceManagementHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SnowDeviceManagementClientConfig } from "./SnowDeviceManagementClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SnowDeviceManagementClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSnowDeviceManagementHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Snow Device Management", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-snow-device-management/src/runtimeExtensions.ts b/clients/client-snow-device-management/src/runtimeExtensions.ts index 17877a8a0463e..690ad8b93e2ac 100644 --- a/clients/client-snow-device-management/src/runtimeExtensions.ts +++ b/clients/client-snow-device-management/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SnowDeviceManagementExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-snowball/package.json b/clients/client-snowball/package.json index 8dc97caa37707..8f2c8f8c26ae2 100644 --- a/clients/client-snowball/package.json +++ b/clients/client-snowball/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-snowball/src/SnowballClient.ts b/clients/client-snowball/src/SnowballClient.ts index 8a1c2a6c703f3..20d88c2b54047 100644 --- a/clients/client-snowball/src/SnowballClient.ts +++ b/clients/client-snowball/src/SnowballClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSnowballHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelClusterCommandInput, CancelClusterCommandOutput } from "./commands/CancelClusterCommand"; import { CancelJobCommandInput, CancelJobCommandOutput } from "./commands/CancelJobCommand"; import { CreateAddressCommandInput, CreateAddressCommandOutput } from "./commands/CreateAddressCommand"; @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type SnowballClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type SnowballClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -374,8 +380,8 @@ export class SnowballClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -384,8 +390,14 @@ export class SnowballClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -396,4 +408,13 @@ export class SnowballClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSnowballHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SnowballClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-snowball/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-snowball/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1dfdf7244e721 --- /dev/null +++ b/clients/client-snowball/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SnowballHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SnowballHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SnowballHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SnowballHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SnowballHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SnowballHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-snowball/src/auth/httpAuthSchemeProvider.ts b/clients/client-snowball/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..403bd3586a816 --- /dev/null +++ b/clients/client-snowball/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SnowballClientConfig, SnowballClientResolvedConfig } from "../SnowballClient"; + +/** + * @internal + */ +export interface SnowballHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SnowballHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SnowballClientResolvedConfig, + HandlerExecutionContext, + SnowballHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSnowballHttpAuthSchemeParametersProvider = async ( + config: SnowballClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SnowballHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "snowball", + region: authParameters.region, + }, + propertiesExtractor: (config: SnowballClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SnowballHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSnowballHttpAuthSchemeProvider: SnowballHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SnowballHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SnowballHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-snowball/src/extensionConfiguration.ts b/clients/client-snowball/src/extensionConfiguration.ts index a8846206c7836..d015f1dafb3e7 100644 --- a/clients/client-snowball/src/extensionConfiguration.ts +++ b/clients/client-snowball/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SnowballExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-snowball/src/runtimeConfig.shared.ts b/clients/client-snowball/src/runtimeConfig.shared.ts index c7dedd622476c..5a5cabe4fc219 100644 --- a/clients/client-snowball/src/runtimeConfig.shared.ts +++ b/clients/client-snowball/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSnowballHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SnowballClientConfig } from "./SnowballClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SnowballClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSnowballHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Snowball", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-snowball/src/runtimeExtensions.ts b/clients/client-snowball/src/runtimeExtensions.ts index 268761eff9509..91995d78c488a 100644 --- a/clients/client-snowball/src/runtimeExtensions.ts +++ b/clients/client-snowball/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SnowballExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sns/package.json b/clients/client-sns/package.json index 884932096396a..f2eea65df5f69 100644 --- a/clients/client-sns/package.json +++ b/clients/client-sns/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "fast-xml-parser": "4.2.5", diff --git a/clients/client-sns/src/SNSClient.ts b/clients/client-sns/src/SNSClient.ts index 66693847c72e2..852983af32d1f 100644 --- a/clients/client-sns/src/SNSClient.ts +++ b/clients/client-sns/src/SNSClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSNSHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddPermissionCommandInput, AddPermissionCommandOutput } from "./commands/AddPermissionCommand"; import { CheckIfPhoneNumberIsOptedOutCommandInput, @@ -354,21 +359,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -407,8 +413,8 @@ export type SNSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export type SNSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -471,8 +477,8 @@ export class SNSClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -481,8 +487,14 @@ export class SNSClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -493,4 +505,13 @@ export class SNSClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSNSHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SNSClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sns/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sns/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b15d370b7ffa5 --- /dev/null +++ b/clients/client-sns/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SNSHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SNSHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SNSHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SNSHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SNSHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SNSHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sns/src/auth/httpAuthSchemeProvider.ts b/clients/client-sns/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..42d51885853e4 --- /dev/null +++ b/clients/client-sns/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SNSClientConfig, SNSClientResolvedConfig } from "../SNSClient"; + +/** + * @internal + */ +export interface SNSHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SNSHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SNSClientResolvedConfig, + HandlerExecutionContext, + SNSHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSNSHttpAuthSchemeParametersProvider = async ( + config: SNSClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SNSHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sns", + region: authParameters.region, + }, + propertiesExtractor: (config: SNSClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SNSHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSNSHttpAuthSchemeProvider: SNSHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SNSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SNSHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sns/src/extensionConfiguration.ts b/clients/client-sns/src/extensionConfiguration.ts index 227786594be21..bb6228251da68 100644 --- a/clients/client-sns/src/extensionConfiguration.ts +++ b/clients/client-sns/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SNSExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sns/src/runtimeConfig.shared.ts b/clients/client-sns/src/runtimeConfig.shared.ts index 0d8936c9a50f1..444706a73c8e6 100644 --- a/clients/client-sns/src/runtimeConfig.shared.ts +++ b/clients/client-sns/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSNSHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SNSClientConfig } from "./SNSClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SNSClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSNSHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SNS", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sns/src/runtimeExtensions.ts b/clients/client-sns/src/runtimeExtensions.ts index 10281063aca56..810f15a8d1b87 100644 --- a/clients/client-sns/src/runtimeExtensions.ts +++ b/clients/client-sns/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SNSExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sqs/package.json b/clients/client-sqs/package.json index 9e5a0c72b47f7..a5c908bfc7775 100644 --- a/clients/client-sqs/package.json +++ b/clients/client-sqs/package.json @@ -34,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,7 +54,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-ssm-contacts/package.json b/clients/client-ssm-contacts/package.json index eabc096a7dcc5..53e2d90558503 100644 --- a/clients/client-ssm-contacts/package.json +++ b/clients/client-ssm-contacts/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-ssm-contacts/src/SSMContactsClient.ts b/clients/client-ssm-contacts/src/SSMContactsClient.ts index 05d00414c989c..6ee40d0611598 100644 --- a/clients/client-ssm-contacts/src/SSMContactsClient.ts +++ b/clients/client-ssm-contacts/src/SSMContactsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSMContactsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AcceptPageCommandInput, AcceptPageCommandOutput } from "./commands/AcceptPageCommand"; import { ActivateContactChannelCommandInput, @@ -315,21 +320,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -368,8 +374,8 @@ export type SSMContactsClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -388,8 +394,8 @@ export type SSMContactsClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export class SSMContactsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -437,8 +443,14 @@ export class SSMContactsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -449,4 +461,13 @@ export class SSMContactsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSMContactsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSMContactsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ssm-contacts/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ssm-contacts/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..a94d97b858421 --- /dev/null +++ b/clients/client-ssm-contacts/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSMContactsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMContactsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSMContactsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSMContactsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMContactsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSMContactsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ssm-contacts/src/auth/httpAuthSchemeProvider.ts b/clients/client-ssm-contacts/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..38a77646a05c5 --- /dev/null +++ b/clients/client-ssm-contacts/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSMContactsClientConfig, SSMContactsClientResolvedConfig } from "../SSMContactsClient"; + +/** + * @internal + */ +export interface SSMContactsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSMContactsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSMContactsClientResolvedConfig, + HandlerExecutionContext, + SSMContactsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSMContactsHttpAuthSchemeParametersProvider = async ( + config: SSMContactsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSMContactsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ssm-contacts", + region: authParameters.region, + }, + propertiesExtractor: (config: SSMContactsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SSMContactsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSMContactsHttpAuthSchemeProvider: SSMContactsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSMContactsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSMContactsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ssm-contacts/src/extensionConfiguration.ts b/clients/client-ssm-contacts/src/extensionConfiguration.ts index 274250c6a319b..4ea9c2204e03f 100644 --- a/clients/client-ssm-contacts/src/extensionConfiguration.ts +++ b/clients/client-ssm-contacts/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSMContactsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ssm-contacts/src/runtimeConfig.shared.ts b/clients/client-ssm-contacts/src/runtimeConfig.shared.ts index c17db29da6ad4..f2fd503c358e8 100644 --- a/clients/client-ssm-contacts/src/runtimeConfig.shared.ts +++ b/clients/client-ssm-contacts/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSMContactsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSMContactsClientConfig } from "./SSMContactsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SSMContactsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSMContactsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSM Contacts", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ssm-contacts/src/runtimeExtensions.ts b/clients/client-ssm-contacts/src/runtimeExtensions.ts index 6aabc74d20dcd..737f3425e5424 100644 --- a/clients/client-ssm-contacts/src/runtimeExtensions.ts +++ b/clients/client-ssm-contacts/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSMContactsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ssm-incidents/package.json b/clients/client-ssm-incidents/package.json index 0a99ba2beb7d4..a03141cacfc0d 100644 --- a/clients/client-ssm-incidents/package.json +++ b/clients/client-ssm-incidents/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-ssm-incidents/src/SSMIncidentsClient.ts b/clients/client-ssm-incidents/src/SSMIncidentsClient.ts index a4fcf586f4092..d76846dc77786 100644 --- a/clients/client-ssm-incidents/src/SSMIncidentsClient.ts +++ b/clients/client-ssm-incidents/src/SSMIncidentsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSMIncidentsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetIncidentFindingsCommandInput, BatchGetIncidentFindingsCommandOutput, @@ -297,21 +302,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -350,8 +356,8 @@ export type SSMIncidentsClientConfigType = Partial<__SmithyConfiguration<__HttpH EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -370,8 +376,8 @@ export type SSMIncidentsClientResolvedConfigType = __SmithyResolvedConfiguration EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -409,8 +415,8 @@ export class SSMIncidentsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -419,8 +425,14 @@ export class SSMIncidentsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -431,4 +443,13 @@ export class SSMIncidentsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSMIncidentsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSMIncidentsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ssm-incidents/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ssm-incidents/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..164faad9cc652 --- /dev/null +++ b/clients/client-ssm-incidents/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSMIncidentsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMIncidentsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSMIncidentsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSMIncidentsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMIncidentsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSMIncidentsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ssm-incidents/src/auth/httpAuthSchemeProvider.ts b/clients/client-ssm-incidents/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a6d42b1c52041 --- /dev/null +++ b/clients/client-ssm-incidents/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSMIncidentsClientConfig, SSMIncidentsClientResolvedConfig } from "../SSMIncidentsClient"; + +/** + * @internal + */ +export interface SSMIncidentsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSMIncidentsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSMIncidentsClientResolvedConfig, + HandlerExecutionContext, + SSMIncidentsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSMIncidentsHttpAuthSchemeParametersProvider = async ( + config: SSMIncidentsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSMIncidentsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ssm-incidents", + region: authParameters.region, + }, + propertiesExtractor: (config: SSMIncidentsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SSMIncidentsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSMIncidentsHttpAuthSchemeProvider: SSMIncidentsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSMIncidentsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSMIncidentsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ssm-incidents/src/extensionConfiguration.ts b/clients/client-ssm-incidents/src/extensionConfiguration.ts index a67bd040a25a7..b122c924c67ed 100644 --- a/clients/client-ssm-incidents/src/extensionConfiguration.ts +++ b/clients/client-ssm-incidents/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSMIncidentsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ssm-incidents/src/runtimeConfig.shared.ts b/clients/client-ssm-incidents/src/runtimeConfig.shared.ts index 413614739ea9f..50906d3ca8c25 100644 --- a/clients/client-ssm-incidents/src/runtimeConfig.shared.ts +++ b/clients/client-ssm-incidents/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSMIncidentsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSMIncidentsClientConfig } from "./SSMIncidentsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SSMIncidentsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSMIncidentsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSM Incidents", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ssm-incidents/src/runtimeExtensions.ts b/clients/client-ssm-incidents/src/runtimeExtensions.ts index 09b0224e9b0ff..21ccf9a1c5bcf 100644 --- a/clients/client-ssm-incidents/src/runtimeExtensions.ts +++ b/clients/client-ssm-incidents/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSMIncidentsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ssm-sap/package.json b/clients/client-ssm-sap/package.json index 0dd9b670fd38c..5eb5d01ecf3d9 100644 --- a/clients/client-ssm-sap/package.json +++ b/clients/client-ssm-sap/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-ssm-sap/src/SsmSapClient.ts b/clients/client-ssm-sap/src/SsmSapClient.ts index ba9675ebfab35..ce7e2a0e441b5 100644 --- a/clients/client-ssm-sap/src/SsmSapClient.ts +++ b/clients/client-ssm-sap/src/SsmSapClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSsmSapHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { DeleteResourcePermissionCommandInput, DeleteResourcePermissionCommandOutput, @@ -234,21 +239,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -287,8 +293,8 @@ export type SsmSapClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export type SsmSapClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -341,8 +347,8 @@ export class SsmSapClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -351,8 +357,14 @@ export class SsmSapClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -363,4 +375,13 @@ export class SsmSapClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSsmSapHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SsmSapClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ssm-sap/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ssm-sap/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..9dc4b1b8a92e5 --- /dev/null +++ b/clients/client-ssm-sap/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SsmSapHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SsmSapHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SsmSapHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SsmSapHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SsmSapHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SsmSapHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ssm-sap/src/auth/httpAuthSchemeProvider.ts b/clients/client-ssm-sap/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ddb9e311d3de2 --- /dev/null +++ b/clients/client-ssm-sap/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SsmSapClientConfig, SsmSapClientResolvedConfig } from "../SsmSapClient"; + +/** + * @internal + */ +export interface SsmSapHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SsmSapHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SsmSapClientResolvedConfig, + HandlerExecutionContext, + SsmSapHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSsmSapHttpAuthSchemeParametersProvider = async ( + config: SsmSapClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SsmSapHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ssm-sap", + region: authParameters.region, + }, + propertiesExtractor: (config: SsmSapClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SsmSapHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSsmSapHttpAuthSchemeProvider: SsmSapHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SsmSapHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SsmSapHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ssm-sap/src/extensionConfiguration.ts b/clients/client-ssm-sap/src/extensionConfiguration.ts index 33760fefa2da7..97d1c6a1b10ba 100644 --- a/clients/client-ssm-sap/src/extensionConfiguration.ts +++ b/clients/client-ssm-sap/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SsmSapExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ssm-sap/src/runtimeConfig.shared.ts b/clients/client-ssm-sap/src/runtimeConfig.shared.ts index 32806db8d3d20..6d413845009f0 100644 --- a/clients/client-ssm-sap/src/runtimeConfig.shared.ts +++ b/clients/client-ssm-sap/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSsmSapHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SsmSapClientConfig } from "./SsmSapClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SsmSapClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSsmSapHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Ssm Sap", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ssm-sap/src/runtimeExtensions.ts b/clients/client-ssm-sap/src/runtimeExtensions.ts index 17ac6cb40d65b..84e7026c06f31 100644 --- a/clients/client-ssm-sap/src/runtimeExtensions.ts +++ b/clients/client-ssm-sap/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SsmSapExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-ssm/package.json b/clients/client-ssm/package.json index 7b89bceb6913b..eeacc26796004 100644 --- a/clients/client-ssm/package.json +++ b/clients/client-ssm/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-ssm/src/SSMClient.ts b/clients/client-ssm/src/SSMClient.ts index ff65ca90fa971..08b0a5c572798 100644 --- a/clients/client-ssm/src/SSMClient.ts +++ b/clients/client-ssm/src/SSMClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSMHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddTagsToResourceCommandInput, AddTagsToResourceCommandOutput } from "./commands/AddTagsToResourceCommand"; import { AssociateOpsItemRelatedItemCommandInput, @@ -849,21 +854,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -902,8 +908,8 @@ export type SSMClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -922,8 +928,8 @@ export type SSMClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -989,8 +995,8 @@ export class SSMClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -999,8 +1005,14 @@ export class SSMClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -1011,4 +1023,13 @@ export class SSMClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSMHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSMClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-ssm/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-ssm/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1736c3e44aafc --- /dev/null +++ b/clients/client-ssm/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSMHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSMHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSMHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSMHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSMHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-ssm/src/auth/httpAuthSchemeProvider.ts b/clients/client-ssm/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9cc1a02b13ddc --- /dev/null +++ b/clients/client-ssm/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSMClientConfig, SSMClientResolvedConfig } from "../SSMClient"; + +/** + * @internal + */ +export interface SSMHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSMHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSMClientResolvedConfig, + HandlerExecutionContext, + SSMHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSMHttpAuthSchemeParametersProvider = async ( + config: SSMClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSMHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "ssm", + region: authParameters.region, + }, + propertiesExtractor: (config: SSMClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SSMHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSMHttpAuthSchemeProvider: SSMHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSMHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-ssm/src/extensionConfiguration.ts b/clients/client-ssm/src/extensionConfiguration.ts index 60692ce163741..ebab648805283 100644 --- a/clients/client-ssm/src/extensionConfiguration.ts +++ b/clients/client-ssm/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSMExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-ssm/src/runtimeConfig.shared.ts b/clients/client-ssm/src/runtimeConfig.shared.ts index 1fbd1313ba0ac..e323b5f99aeaa 100644 --- a/clients/client-ssm/src/runtimeConfig.shared.ts +++ b/clients/client-ssm/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSMHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSMClientConfig } from "./SSMClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SSMClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSMHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSM", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-ssm/src/runtimeExtensions.ts b/clients/client-ssm/src/runtimeExtensions.ts index 391c5ec3b9825..2e431ffaa252d 100644 --- a/clients/client-ssm/src/runtimeExtensions.ts +++ b/clients/client-ssm/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSMExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sso-admin/package.json b/clients/client-sso-admin/package.json index 212fc54d1c60c..34d721b6a2cfd 100644 --- a/clients/client-sso-admin/package.json +++ b/clients/client-sso-admin/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-sso-admin/src/SSOAdminClient.ts b/clients/client-sso-admin/src/SSOAdminClient.ts index 3bb1a9614eece..dd9d03666630c 100644 --- a/clients/client-sso-admin/src/SSOAdminClient.ts +++ b/clients/client-sso-admin/src/SSOAdminClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSOAdminHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AttachCustomerManagedPolicyReferenceToPermissionSetCommandInput, AttachCustomerManagedPolicyReferenceToPermissionSetCommandOutput, @@ -558,21 +563,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -611,8 +617,8 @@ export type SSOAdminClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -631,8 +637,8 @@ export type SSOAdminClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -686,8 +692,8 @@ export class SSOAdminClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -696,8 +702,14 @@ export class SSOAdminClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -708,4 +720,13 @@ export class SSOAdminClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSOAdminHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSOAdminClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sso-admin/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sso-admin/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c75659c043311 --- /dev/null +++ b/clients/client-sso-admin/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSOAdminHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOAdminHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSOAdminHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSOAdminHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOAdminHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSOAdminHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sso-admin/src/auth/httpAuthSchemeProvider.ts b/clients/client-sso-admin/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0e0e8e0554169 --- /dev/null +++ b/clients/client-sso-admin/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSOAdminClientConfig, SSOAdminClientResolvedConfig } from "../SSOAdminClient"; + +/** + * @internal + */ +export interface SSOAdminHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSOAdminHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSOAdminClientResolvedConfig, + HandlerExecutionContext, + SSOAdminHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSOAdminHttpAuthSchemeParametersProvider = async ( + config: SSOAdminClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSOAdminHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sso", + region: authParameters.region, + }, + propertiesExtractor: (config: SSOAdminClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SSOAdminHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSOAdminHttpAuthSchemeProvider: SSOAdminHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSOAdminHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSOAdminHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sso-admin/src/extensionConfiguration.ts b/clients/client-sso-admin/src/extensionConfiguration.ts index e6730c586d8e0..69386f3fe6d8a 100644 --- a/clients/client-sso-admin/src/extensionConfiguration.ts +++ b/clients/client-sso-admin/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSOAdminExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sso-admin/src/runtimeConfig.shared.ts b/clients/client-sso-admin/src/runtimeConfig.shared.ts index 6fc94e3896a00..e715709febe95 100644 --- a/clients/client-sso-admin/src/runtimeConfig.shared.ts +++ b/clients/client-sso-admin/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSOAdminHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSOAdminClientConfig } from "./SSOAdminClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SSOAdminClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSOAdminHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSO Admin", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sso-admin/src/runtimeExtensions.ts b/clients/client-sso-admin/src/runtimeExtensions.ts index 77109e6c12f2e..b2bd58c4c485e 100644 --- a/clients/client-sso-admin/src/runtimeExtensions.ts +++ b/clients/client-sso-admin/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSOAdminExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sso-oidc/package.json b/clients/client-sso-oidc/package.json index 58b56e2765909..0a02d9250da9f 100644 --- a/clients/client-sso-oidc/package.json +++ b/clients/client-sso-oidc/package.json @@ -25,7 +25,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -33,7 +32,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +51,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sso-oidc/src/SSOOIDCClient.ts b/clients/client-sso-oidc/src/SSOOIDCClient.ts index 7deca2fa18618..1b0832306fb5a 100644 --- a/clients/client-sso-oidc/src/SSOOIDCClient.ts +++ b/clients/client-sso-oidc/src/SSOOIDCClient.ts @@ -7,15 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { AwsAuthInputConfig, AwsAuthResolvedConfig, resolveAwsAuthConfig } from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -27,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -43,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSOOIDCHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateTokenCommandInput, CreateTokenCommandOutput } from "./commands/CreateTokenCommand"; import { CreateTokenWithIAMCommandInput, CreateTokenWithIAMCommandOutput } from "./commands/CreateTokenWithIAMCommand"; import { RegisterClientCommandInput, RegisterClientCommandOutput } from "./commands/RegisterClientCommand"; @@ -166,21 +176,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -219,8 +230,8 @@ export type SSOOIDCClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -239,8 +250,8 @@ export type SSOOIDCClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -308,8 +319,8 @@ export class SSOOIDCClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -319,6 +330,13 @@ export class SSOOIDCClient extends __Client< this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -329,4 +347,13 @@ export class SSOOIDCClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSOOIDCHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSOOIDCClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sso-oidc/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sso-oidc/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3c506f609e2df --- /dev/null +++ b/clients/client-sso-oidc/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSOOIDCHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOOIDCHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSOOIDCHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSOOIDCHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOOIDCHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSOOIDCHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sso-oidc/src/auth/httpAuthSchemeProvider.ts b/clients/client-sso-oidc/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..9046bf519e9e5 --- /dev/null +++ b/clients/client-sso-oidc/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,155 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSOOIDCClientConfig, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient"; + +/** + * @internal + */ +export interface SSOOIDCHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSOOIDCHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSOOIDCClientResolvedConfig, + HandlerExecutionContext, + SSOOIDCHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSOOIDCHttpAuthSchemeParametersProvider = async ( + config: SSOOIDCClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSOOIDCHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "sso-oauth", + region: authParameters.region, + }, + propertiesExtractor: (config: SSOOIDCClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +function createSmithyApiNoAuthHttpAuthOption(authParameters: SSOOIDCHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "smithy.api#noAuth", + }; +} + +/** + * @internal + */ +export interface SSOOIDCHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSOOIDCHttpAuthSchemeProvider: SSOOIDCHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + case "CreateToken": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "RegisterClient": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "StartDeviceAuthorization": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSOOIDCHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSOOIDCHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts b/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts index c8cd8c4320b78..610b6430bcf56 100644 --- a/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts +++ b/clients/client-sso-oidc/src/commands/CreateTokenWithIAMCommand.ts @@ -1,5 +1,4 @@ // smithy-typescript generated code -import { getAwsAuthPlugin } from "@aws-sdk/middleware-signing"; import { getEndpointPlugin } from "@smithy/middleware-endpoint"; import { getSerdePlugin } from "@smithy/middleware-serde"; import { Command as $Command } from "@smithy/smithy-client"; @@ -262,7 +261,6 @@ export class CreateTokenWithIAMCommand extends $Command return [ getSerdePlugin(config, this.serialize, this.deserialize), getEndpointPlugin(config, Command.getEndpointParameterInstructions()), - getAwsAuthPlugin(config), ]; }) .s("AWSSSOOIDCService", "CreateTokenWithIAM", {}) diff --git a/clients/client-sso-oidc/src/extensionConfiguration.ts b/clients/client-sso-oidc/src/extensionConfiguration.ts index b057c7e495ac4..0907f5df89a75 100644 --- a/clients/client-sso-oidc/src/extensionConfiguration.ts +++ b/clients/client-sso-oidc/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSOOIDCExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sso-oidc/src/runtimeConfig.shared.ts b/clients/client-sso-oidc/src/runtimeConfig.shared.ts index fb6450c97f86a..7610dd986fee7 100644 --- a/clients/client-sso-oidc/src/runtimeConfig.shared.ts +++ b/clients/client-sso-oidc/src/runtimeConfig.shared.ts @@ -1,9 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; +import { NoAuthSigner } from "@smithy/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSOOIDCHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSOOIDCClientConfig } from "./SSOOIDCClient"; @@ -18,6 +22,20 @@ export const getRuntimeConfig = (config: SSOOIDCClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSOOIDCHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc: IdentityProviderConfig) => + ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new NoAuthSigner(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSO OIDC", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sso-oidc/src/runtimeExtensions.ts b/clients/client-sso-oidc/src/runtimeExtensions.ts index f01ee5a324fe6..c4c6719671f74 100644 --- a/clients/client-sso-oidc/src/runtimeExtensions.ts +++ b/clients/client-sso-oidc/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSOOIDCExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sso/package.json b/clients/client-sso/package.json index d1da0213dfc38..5b0f02acac349 100644 --- a/clients/client-sso/package.json +++ b/clients/client-sso/package.json @@ -31,7 +31,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -50,8 +50,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-sso/src/SSOClient.ts b/clients/client-sso/src/SSOClient.ts index 426970574f29a..2027986e395ad 100644 --- a/clients/client-sso/src/SSOClient.ts +++ b/clients/client-sso/src/SSOClient.ts @@ -14,6 +14,11 @@ import { UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -41,6 +46,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSSOHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetRoleCredentialsCommandInput, GetRoleCredentialsCommandOutput } from "./commands/GetRoleCredentialsCommand"; import { ListAccountRolesCommandInput, ListAccountRolesCommandOutput } from "./commands/ListAccountRolesCommand"; import { ListAccountsCommandInput, ListAccountsCommandOutput } from "./commands/ListAccountsCommand"; @@ -160,17 +171,17 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ */ useFipsEndpoint?: boolean | __Provider; - /** - * The AWS region to which this client will send requests - */ - region?: string | __Provider; - /** * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header * @internal */ defaultUserAgentProvider?: Provider<__UserAgent>; + /** + * The AWS region to which this client will send requests + */ + region?: string | __Provider; + /** * Value for how many times a request will be made at most in case of retry. */ @@ -209,6 +220,7 @@ export type SSOClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt RetryInputConfig & HostHeaderInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -228,6 +240,7 @@ export type SSOClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa RetryResolvedConfig & HostHeaderResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -274,15 +287,23 @@ export class SSOClient extends __Client< const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); const _config_6 = resolveUserAgentConfig(_config_5); - const _config_7 = resolveRuntimeExtensions(_config_6, configuration?.extensions || []); - super(_config_7); - this.config = _config_7; + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); + const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); + super(_config_8); + this.config = _config_8; this.middlewareStack.use(getRetryPlugin(this.config)); this.middlewareStack.use(getContentLengthPlugin(this.config)); this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -293,4 +314,13 @@ export class SSOClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSSOHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SSOClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-sso/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-sso/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1245bd3b6ab94 --- /dev/null +++ b/clients/client-sso/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SSOHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SSOHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SSOHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SSOHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SSOHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-sso/src/auth/httpAuthSchemeProvider.ts b/clients/client-sso/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..96830e03ff3ab --- /dev/null +++ b/clients/client-sso/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,159 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SSOClientConfig, SSOClientResolvedConfig } from "../SSOClient"; + +/** + * @internal + */ +export interface SSOHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SSOHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SSOClientResolvedConfig, + HandlerExecutionContext, + SSOHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSSOHttpAuthSchemeParametersProvider = async ( + config: SSOClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SSOHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "awsssoportal", + region: authParameters.region, + }, + propertiesExtractor: (config: SSOClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +function createSmithyApiNoAuthHttpAuthOption(authParameters: SSOHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "smithy.api#noAuth", + }; +} + +/** + * @internal + */ +export interface SSOHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSSOHttpAuthSchemeProvider: SSOHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + case "GetRoleCredentials": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ListAccountRoles": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "ListAccounts": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + case "Logout": { + options.push(createSmithyApiNoAuthHttpAuthOption(authParameters)); + break; + } + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SSOHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SSOHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-sso/src/extensionConfiguration.ts b/clients/client-sso/src/extensionConfiguration.ts index 1640e93975162..1adc84580cf23 100644 --- a/clients/client-sso/src/extensionConfiguration.ts +++ b/clients/client-sso/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SSOExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-sso/src/runtimeConfig.shared.ts b/clients/client-sso/src/runtimeConfig.shared.ts index 99b8afa005609..9c8c4d80f482d 100644 --- a/clients/client-sso/src/runtimeConfig.shared.ts +++ b/clients/client-sso/src/runtimeConfig.shared.ts @@ -1,9 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; +import { NoAuthSigner } from "@smithy/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSSOHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SSOClientConfig } from "./SSOClient"; @@ -18,6 +22,20 @@ export const getRuntimeConfig = (config: SSOClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSSOHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + { + schemeId: "smithy.api#noAuth", + identityProvider: (ipc: IdentityProviderConfig) => + ipc.getIdentityProvider("smithy.api#noAuth") || (async () => ({})), + signer: new NoAuthSigner(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SSO", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-sso/src/runtimeExtensions.ts b/clients/client-sso/src/runtimeExtensions.ts index c810ccf0b8ba4..b335035b461a5 100644 --- a/clients/client-sso/src/runtimeExtensions.ts +++ b/clients/client-sso/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SSOExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-storage-gateway/package.json b/clients/client-storage-gateway/package.json index 76e892fc342f6..59dfeb0e33bcc 100644 --- a/clients/client-storage-gateway/package.json +++ b/clients/client-storage-gateway/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-storage-gateway/src/StorageGatewayClient.ts b/clients/client-storage-gateway/src/StorageGatewayClient.ts index 96af2cbb2c2ad..e7050a8894871 100644 --- a/clients/client-storage-gateway/src/StorageGatewayClient.ts +++ b/clients/client-storage-gateway/src/StorageGatewayClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultStorageGatewayHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { ActivateGatewayCommandInput, ActivateGatewayCommandOutput } from "./commands/ActivateGatewayCommand"; import { AddCacheCommandInput, AddCacheCommandOutput } from "./commands/AddCacheCommand"; import { AddTagsToResourceCommandInput, AddTagsToResourceCommandOutput } from "./commands/AddTagsToResourceCommand"; @@ -579,21 +584,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -632,8 +638,8 @@ export type StorageGatewayClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -652,8 +658,8 @@ export type StorageGatewayClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -742,8 +748,8 @@ export class StorageGatewayClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -752,8 +758,14 @@ export class StorageGatewayClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -764,4 +776,13 @@ export class StorageGatewayClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultStorageGatewayHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: StorageGatewayClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-storage-gateway/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-storage-gateway/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..06e0b11c7a316 --- /dev/null +++ b/clients/client-storage-gateway/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { StorageGatewayHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: StorageGatewayHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): StorageGatewayHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: StorageGatewayHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: StorageGatewayHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): StorageGatewayHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-storage-gateway/src/auth/httpAuthSchemeProvider.ts b/clients/client-storage-gateway/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e28e11a4a7afd --- /dev/null +++ b/clients/client-storage-gateway/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { StorageGatewayClientConfig, StorageGatewayClientResolvedConfig } from "../StorageGatewayClient"; + +/** + * @internal + */ +export interface StorageGatewayHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface StorageGatewayHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + StorageGatewayClientResolvedConfig, + HandlerExecutionContext, + StorageGatewayHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultStorageGatewayHttpAuthSchemeParametersProvider = async ( + config: StorageGatewayClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: StorageGatewayHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "storagegateway", + region: authParameters.region, + }, + propertiesExtractor: (config: StorageGatewayClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface StorageGatewayHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultStorageGatewayHttpAuthSchemeProvider: StorageGatewayHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: StorageGatewayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: StorageGatewayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-storage-gateway/src/extensionConfiguration.ts b/clients/client-storage-gateway/src/extensionConfiguration.ts index 80c26d841917a..80f497dc882bb 100644 --- a/clients/client-storage-gateway/src/extensionConfiguration.ts +++ b/clients/client-storage-gateway/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface StorageGatewayExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-storage-gateway/src/runtimeConfig.shared.ts b/clients/client-storage-gateway/src/runtimeConfig.shared.ts index 8189ff81808ff..3d8e7094461f2 100644 --- a/clients/client-storage-gateway/src/runtimeConfig.shared.ts +++ b/clients/client-storage-gateway/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultStorageGatewayHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { StorageGatewayClientConfig } from "./StorageGatewayClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: StorageGatewayClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultStorageGatewayHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Storage Gateway", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-storage-gateway/src/runtimeExtensions.ts b/clients/client-storage-gateway/src/runtimeExtensions.ts index fac9d27365f87..e3edab43a454c 100644 --- a/clients/client-storage-gateway/src/runtimeExtensions.ts +++ b/clients/client-storage-gateway/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { StorageGatewayExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-sts/package.json b/clients/client-sts/package.json index 86faea04aa0bb..b1f82554ee1a8 100644 --- a/clients/client-sts/package.json +++ b/clients/client-sts/package.json @@ -33,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,7 +52,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", diff --git a/clients/client-supplychain/package.json b/clients/client-supplychain/package.json index 4058bba8620d6..af8e8b9862063 100644 --- a/clients/client-supplychain/package.json +++ b/clients/client-supplychain/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-supplychain/src/SupplyChainClient.ts b/clients/client-supplychain/src/SupplyChainClient.ts index eea6fec67ee2d..49e23c2fff2f8 100644 --- a/clients/client-supplychain/src/SupplyChainClient.ts +++ b/clients/client-supplychain/src/SupplyChainClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSupplyChainHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBillOfMaterialsImportJobCommandInput, CreateBillOfMaterialsImportJobCommandOutput, @@ -164,21 +169,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -217,8 +223,8 @@ export type SupplyChainClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -237,8 +243,8 @@ export type SupplyChainClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -275,8 +281,8 @@ export class SupplyChainClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -285,8 +291,14 @@ export class SupplyChainClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -297,4 +309,13 @@ export class SupplyChainClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSupplyChainHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SupplyChainClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-supplychain/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-supplychain/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..962f7348b5435 --- /dev/null +++ b/clients/client-supplychain/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SupplyChainHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupplyChainHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SupplyChainHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SupplyChainHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupplyChainHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SupplyChainHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-supplychain/src/auth/httpAuthSchemeProvider.ts b/clients/client-supplychain/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c152553369210 --- /dev/null +++ b/clients/client-supplychain/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SupplyChainClientConfig, SupplyChainClientResolvedConfig } from "../SupplyChainClient"; + +/** + * @internal + */ +export interface SupplyChainHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SupplyChainHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SupplyChainClientResolvedConfig, + HandlerExecutionContext, + SupplyChainHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSupplyChainHttpAuthSchemeParametersProvider = async ( + config: SupplyChainClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SupplyChainHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "scn", + region: authParameters.region, + }, + propertiesExtractor: (config: SupplyChainClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SupplyChainHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSupplyChainHttpAuthSchemeProvider: SupplyChainHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SupplyChainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SupplyChainHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-supplychain/src/extensionConfiguration.ts b/clients/client-supplychain/src/extensionConfiguration.ts index 28eab98a1f2b6..61e7ef6ad482a 100644 --- a/clients/client-supplychain/src/extensionConfiguration.ts +++ b/clients/client-supplychain/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SupplyChainExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-supplychain/src/runtimeConfig.shared.ts b/clients/client-supplychain/src/runtimeConfig.shared.ts index 4672e51cdce04..ced21a0804b2e 100644 --- a/clients/client-supplychain/src/runtimeConfig.shared.ts +++ b/clients/client-supplychain/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSupplyChainHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SupplyChainClientConfig } from "./SupplyChainClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SupplyChainClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSupplyChainHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SupplyChain", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-supplychain/src/runtimeExtensions.ts b/clients/client-supplychain/src/runtimeExtensions.ts index 0be7f64272cb1..bde061632ee80 100644 --- a/clients/client-supplychain/src/runtimeExtensions.ts +++ b/clients/client-supplychain/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SupplyChainExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-support-app/package.json b/clients/client-support-app/package.json index 6d87919b83729..de0f492fad041 100644 --- a/clients/client-support-app/package.json +++ b/clients/client-support-app/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-support-app/src/SupportAppClient.ts b/clients/client-support-app/src/SupportAppClient.ts index 2eb063114974a..b2e1d314e6caa 100644 --- a/clients/client-support-app/src/SupportAppClient.ts +++ b/clients/client-support-app/src/SupportAppClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSupportAppHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateSlackChannelConfigurationCommandInput, CreateSlackChannelConfigurationCommandOutput, @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type SupportAppClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type SupportAppClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -365,8 +371,8 @@ export class SupportAppClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -375,8 +381,14 @@ export class SupportAppClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -387,4 +399,13 @@ export class SupportAppClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSupportAppHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SupportAppClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-support-app/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-support-app/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e4b8ed0976e11 --- /dev/null +++ b/clients/client-support-app/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SupportAppHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupportAppHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SupportAppHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SupportAppHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupportAppHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SupportAppHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-support-app/src/auth/httpAuthSchemeProvider.ts b/clients/client-support-app/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5dcc606bd87c2 --- /dev/null +++ b/clients/client-support-app/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SupportAppClientConfig, SupportAppClientResolvedConfig } from "../SupportAppClient"; + +/** + * @internal + */ +export interface SupportAppHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SupportAppHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SupportAppClientResolvedConfig, + HandlerExecutionContext, + SupportAppHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSupportAppHttpAuthSchemeParametersProvider = async ( + config: SupportAppClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SupportAppHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "supportapp", + region: authParameters.region, + }, + propertiesExtractor: (config: SupportAppClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SupportAppHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSupportAppHttpAuthSchemeProvider: SupportAppHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SupportAppHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SupportAppHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-support-app/src/extensionConfiguration.ts b/clients/client-support-app/src/extensionConfiguration.ts index e668e47f743cb..a007b4298cb72 100644 --- a/clients/client-support-app/src/extensionConfiguration.ts +++ b/clients/client-support-app/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SupportAppExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-support-app/src/runtimeConfig.shared.ts b/clients/client-support-app/src/runtimeConfig.shared.ts index c3943b9acc2a7..e093e1538195e 100644 --- a/clients/client-support-app/src/runtimeConfig.shared.ts +++ b/clients/client-support-app/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSupportAppHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SupportAppClientConfig } from "./SupportAppClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SupportAppClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSupportAppHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Support App", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-support-app/src/runtimeExtensions.ts b/clients/client-support-app/src/runtimeExtensions.ts index c0ebf277d1b84..95ca4f062732b 100644 --- a/clients/client-support-app/src/runtimeExtensions.ts +++ b/clients/client-support-app/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SupportAppExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-support/package.json b/clients/client-support/package.json index a4432c49aa8b4..0678f8e886a4b 100644 --- a/clients/client-support/package.json +++ b/clients/client-support/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-support/src/SupportClient.ts b/clients/client-support/src/SupportClient.ts index 25086d8c852b0..c07657c31222e 100644 --- a/clients/client-support/src/SupportClient.ts +++ b/clients/client-support/src/SupportClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSupportHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AddAttachmentsToSetCommandInput, AddAttachmentsToSetCommandOutput, @@ -237,21 +242,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -290,8 +296,8 @@ export type SupportClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -310,8 +316,8 @@ export type SupportClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -385,8 +391,8 @@ export class SupportClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -395,8 +401,14 @@ export class SupportClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -407,4 +419,13 @@ export class SupportClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSupportHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SupportClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-support/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-support/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b8de3b362d448 --- /dev/null +++ b/clients/client-support/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SupportHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupportHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SupportHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SupportHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SupportHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SupportHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-support/src/auth/httpAuthSchemeProvider.ts b/clients/client-support/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d19ddc1bcca1f --- /dev/null +++ b/clients/client-support/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SupportClientConfig, SupportClientResolvedConfig } from "../SupportClient"; + +/** + * @internal + */ +export interface SupportHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SupportHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SupportClientResolvedConfig, + HandlerExecutionContext, + SupportHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSupportHttpAuthSchemeParametersProvider = async ( + config: SupportClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SupportHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "support", + region: authParameters.region, + }, + propertiesExtractor: (config: SupportClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SupportHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSupportHttpAuthSchemeProvider: SupportHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SupportHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SupportHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-support/src/extensionConfiguration.ts b/clients/client-support/src/extensionConfiguration.ts index 58aeb319007c8..c413efa682b6e 100644 --- a/clients/client-support/src/extensionConfiguration.ts +++ b/clients/client-support/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SupportExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-support/src/runtimeConfig.shared.ts b/clients/client-support/src/runtimeConfig.shared.ts index f5832491018ca..f060086ae8969 100644 --- a/clients/client-support/src/runtimeConfig.shared.ts +++ b/clients/client-support/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSupportHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SupportClientConfig } from "./SupportClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SupportClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSupportHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Support", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-support/src/runtimeExtensions.ts b/clients/client-support/src/runtimeExtensions.ts index 6475c0701d7c9..935d8717ef2d0 100644 --- a/clients/client-support/src/runtimeExtensions.ts +++ b/clients/client-support/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SupportExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-swf/package.json b/clients/client-swf/package.json index 21da8c0bf63c3..af9f0c79c90d9 100644 --- a/clients/client-swf/package.json +++ b/clients/client-swf/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-swf/src/SWFClient.ts b/clients/client-swf/src/SWFClient.ts index 7ee5e03d40cb9..ce1ff3adfcdff 100644 --- a/clients/client-swf/src/SWFClient.ts +++ b/clients/client-swf/src/SWFClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSWFHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CountClosedWorkflowExecutionsCommandInput, CountClosedWorkflowExecutionsCommandOutput, @@ -351,21 +356,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -404,8 +410,8 @@ export type SWFClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -424,8 +430,8 @@ export type SWFClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -468,8 +474,8 @@ export class SWFClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -478,8 +484,14 @@ export class SWFClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -490,4 +502,13 @@ export class SWFClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSWFHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SWFClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-swf/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-swf/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d4b485c8836cb --- /dev/null +++ b/clients/client-swf/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SWFHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SWFHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SWFHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SWFHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SWFHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SWFHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-swf/src/auth/httpAuthSchemeProvider.ts b/clients/client-swf/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..d38a1fda6022f --- /dev/null +++ b/clients/client-swf/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SWFClientConfig, SWFClientResolvedConfig } from "../SWFClient"; + +/** + * @internal + */ +export interface SWFHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SWFHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SWFClientResolvedConfig, + HandlerExecutionContext, + SWFHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSWFHttpAuthSchemeParametersProvider = async ( + config: SWFClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SWFHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "swf", + region: authParameters.region, + }, + propertiesExtractor: (config: SWFClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SWFHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSWFHttpAuthSchemeProvider: SWFHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SWFHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SWFHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-swf/src/extensionConfiguration.ts b/clients/client-swf/src/extensionConfiguration.ts index c1e14961fc42c..322bb33258b48 100644 --- a/clients/client-swf/src/extensionConfiguration.ts +++ b/clients/client-swf/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SWFExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-swf/src/runtimeConfig.shared.ts b/clients/client-swf/src/runtimeConfig.shared.ts index 310f01f9eaf2a..a5b480b440d2a 100644 --- a/clients/client-swf/src/runtimeConfig.shared.ts +++ b/clients/client-swf/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSWFHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SWFClientConfig } from "./SWFClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SWFClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSWFHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "SWF", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-swf/src/runtimeExtensions.ts b/clients/client-swf/src/runtimeExtensions.ts index 9b9c47bebb8bc..cee75476b8c2b 100644 --- a/clients/client-swf/src/runtimeExtensions.ts +++ b/clients/client-swf/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SWFExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-synthetics/package.json b/clients/client-synthetics/package.json index 0cab8708b2ad1..65fe9d7871aa4 100644 --- a/clients/client-synthetics/package.json +++ b/clients/client-synthetics/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-synthetics/src/SyntheticsClient.ts b/clients/client-synthetics/src/SyntheticsClient.ts index 947cae60410ca..2851120f3ad9e 100644 --- a/clients/client-synthetics/src/SyntheticsClient.ts +++ b/clients/client-synthetics/src/SyntheticsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultSyntheticsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateResourceCommandInput, AssociateResourceCommandOutput } from "./commands/AssociateResourceCommand"; import { CreateCanaryCommandInput, CreateCanaryCommandOutput } from "./commands/CreateCanaryCommand"; import { CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; @@ -234,21 +239,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -287,8 +293,8 @@ export type SyntheticsClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -307,8 +313,8 @@ export type SyntheticsClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -353,8 +359,8 @@ export class SyntheticsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -363,8 +369,14 @@ export class SyntheticsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -375,4 +387,13 @@ export class SyntheticsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultSyntheticsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: SyntheticsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-synthetics/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-synthetics/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..48cd22fb3c003 --- /dev/null +++ b/clients/client-synthetics/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { SyntheticsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SyntheticsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): SyntheticsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: SyntheticsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: SyntheticsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): SyntheticsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-synthetics/src/auth/httpAuthSchemeProvider.ts b/clients/client-synthetics/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f289d2c4dffd0 --- /dev/null +++ b/clients/client-synthetics/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { SyntheticsClientConfig, SyntheticsClientResolvedConfig } from "../SyntheticsClient"; + +/** + * @internal + */ +export interface SyntheticsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface SyntheticsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + SyntheticsClientResolvedConfig, + HandlerExecutionContext, + SyntheticsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultSyntheticsHttpAuthSchemeParametersProvider = async ( + config: SyntheticsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: SyntheticsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "synthetics", + region: authParameters.region, + }, + propertiesExtractor: (config: SyntheticsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface SyntheticsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultSyntheticsHttpAuthSchemeProvider: SyntheticsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: SyntheticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: SyntheticsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-synthetics/src/extensionConfiguration.ts b/clients/client-synthetics/src/extensionConfiguration.ts index 4db8e5226ecf7..c2132da4af17a 100644 --- a/clients/client-synthetics/src/extensionConfiguration.ts +++ b/clients/client-synthetics/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface SyntheticsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-synthetics/src/runtimeConfig.shared.ts b/clients/client-synthetics/src/runtimeConfig.shared.ts index dff0e8766343c..42e4aaadee46b 100644 --- a/clients/client-synthetics/src/runtimeConfig.shared.ts +++ b/clients/client-synthetics/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultSyntheticsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { SyntheticsClientConfig } from "./SyntheticsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: SyntheticsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultSyntheticsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "synthetics", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-synthetics/src/runtimeExtensions.ts b/clients/client-synthetics/src/runtimeExtensions.ts index 500ad0a744791..08d24febdb32f 100644 --- a/clients/client-synthetics/src/runtimeExtensions.ts +++ b/clients/client-synthetics/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { SyntheticsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-textract/package.json b/clients/client-textract/package.json index 154bba95f2aad..3a996dafb9c25 100644 --- a/clients/client-textract/package.json +++ b/clients/client-textract/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-textract/src/TextractClient.ts b/clients/client-textract/src/TextractClient.ts index aac963e3caf3f..51d534ddd5aac 100644 --- a/clients/client-textract/src/TextractClient.ts +++ b/clients/client-textract/src/TextractClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTextractHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AnalyzeDocumentCommandInput, AnalyzeDocumentCommandOutput } from "./commands/AnalyzeDocumentCommand"; import { AnalyzeExpenseCommandInput, AnalyzeExpenseCommandOutput } from "./commands/AnalyzeExpenseCommand"; import { AnalyzeIDCommandInput, AnalyzeIDCommandOutput } from "./commands/AnalyzeIDCommand"; @@ -264,21 +269,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -317,8 +323,8 @@ export type TextractClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -337,8 +343,8 @@ export type TextractClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -371,8 +377,8 @@ export class TextractClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -381,8 +387,14 @@ export class TextractClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -393,4 +405,13 @@ export class TextractClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTextractHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TextractClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-textract/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-textract/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..fa5482c031aef --- /dev/null +++ b/clients/client-textract/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TextractHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TextractHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TextractHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TextractHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TextractHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TextractHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-textract/src/auth/httpAuthSchemeProvider.ts b/clients/client-textract/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..26933f9733edc --- /dev/null +++ b/clients/client-textract/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TextractClientConfig, TextractClientResolvedConfig } from "../TextractClient"; + +/** + * @internal + */ +export interface TextractHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TextractHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TextractClientResolvedConfig, + HandlerExecutionContext, + TextractHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTextractHttpAuthSchemeParametersProvider = async ( + config: TextractClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TextractHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "textract", + region: authParameters.region, + }, + propertiesExtractor: (config: TextractClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TextractHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTextractHttpAuthSchemeProvider: TextractHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TextractHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TextractHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-textract/src/extensionConfiguration.ts b/clients/client-textract/src/extensionConfiguration.ts index e0ef8703aca7c..78be0afff10d6 100644 --- a/clients/client-textract/src/extensionConfiguration.ts +++ b/clients/client-textract/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TextractExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-textract/src/runtimeConfig.shared.ts b/clients/client-textract/src/runtimeConfig.shared.ts index 6500b5011b3f9..ec3488b3280c0 100644 --- a/clients/client-textract/src/runtimeConfig.shared.ts +++ b/clients/client-textract/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTextractHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TextractClientConfig } from "./TextractClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TextractClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTextractHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Textract", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-textract/src/runtimeExtensions.ts b/clients/client-textract/src/runtimeExtensions.ts index c0d85bb97a771..63a048bb49a1e 100644 --- a/clients/client-textract/src/runtimeExtensions.ts +++ b/clients/client-textract/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TextractExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-timestream-query/package.json b/clients/client-timestream-query/package.json index 715e3cc0d362e..f79bfa301f04e 100644 --- a/clients/client-timestream-query/package.json +++ b/clients/client-timestream-query/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-timestream-query/src/TimestreamQueryClient.ts b/clients/client-timestream-query/src/TimestreamQueryClient.ts index d62696845195b..6cd1a07ac1370 100644 --- a/clients/client-timestream-query/src/TimestreamQueryClient.ts +++ b/clients/client-timestream-query/src/TimestreamQueryClient.ts @@ -12,20 +12,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -53,6 +52,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTimestreamQueryHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelQueryCommandInput, CancelQueryCommandOutput } from "./commands/CancelQueryCommand"; import { CreateScheduledQueryCommandInput, @@ -225,28 +230,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests - */ - region?: string | __Provider; - - /** - * Default credentials provider; Not available in browser runtime. + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header * @internal */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header - * @internal + * The AWS region to which this client will send requests */ - defaultUserAgentProvider?: Provider<__UserAgent>; + region?: string | __Provider; /** - * The provider which populates default for endpointDiscoveryEnabled configuration, if it's - * not passed during client creation. + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - endpointDiscoveryEnabledProvider?: __Provider; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -274,6 +273,13 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ * The {@link @smithy/smithy-client#DefaultsMode} that will be used to determine how certain default configuration options are resolved in the SDK. */ defaultsMode?: __DefaultsMode | __Provider<__DefaultsMode>; + + /** + * The provider which populates default for endpointDiscoveryEnabled configuration, if it's + * not passed during client creation. + * @internal + */ + endpointDiscoveryEnabledProvider?: __Provider; } /** @@ -285,8 +291,8 @@ export type TimestreamQueryClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & EndpointDiscoveryInputConfig & ClientInputEndpointParameters; /** @@ -306,8 +312,8 @@ export type TimestreamQueryClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & EndpointDiscoveryResolvedConfig & ClientResolvedEndpointParameters; /** @@ -341,8 +347,8 @@ export class TimestreamQueryClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveEndpointDiscoveryConfig(_config_7, { endpointDiscoveryCommandCtor: DescribeEndpointsCommand, }); @@ -354,8 +360,14 @@ export class TimestreamQueryClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -366,4 +378,13 @@ export class TimestreamQueryClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTimestreamQueryHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TimestreamQueryClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-timestream-query/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-timestream-query/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e8bff9a792128 --- /dev/null +++ b/clients/client-timestream-query/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TimestreamQueryHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TimestreamQueryHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TimestreamQueryHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TimestreamQueryHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TimestreamQueryHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TimestreamQueryHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-timestream-query/src/auth/httpAuthSchemeProvider.ts b/clients/client-timestream-query/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..f77b9c5fe2f89 --- /dev/null +++ b/clients/client-timestream-query/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TimestreamQueryClientConfig, TimestreamQueryClientResolvedConfig } from "../TimestreamQueryClient"; + +/** + * @internal + */ +export interface TimestreamQueryHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TimestreamQueryHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TimestreamQueryClientResolvedConfig, + HandlerExecutionContext, + TimestreamQueryHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTimestreamQueryHttpAuthSchemeParametersProvider = async ( + config: TimestreamQueryClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TimestreamQueryHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "timestream", + region: authParameters.region, + }, + propertiesExtractor: (config: TimestreamQueryClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TimestreamQueryHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTimestreamQueryHttpAuthSchemeProvider: TimestreamQueryHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TimestreamQueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TimestreamQueryHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-timestream-query/src/extensionConfiguration.ts b/clients/client-timestream-query/src/extensionConfiguration.ts index 022254a7ad41c..8c5bb16483866 100644 --- a/clients/client-timestream-query/src/extensionConfiguration.ts +++ b/clients/client-timestream-query/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TimestreamQueryExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-timestream-query/src/runtimeConfig.shared.ts b/clients/client-timestream-query/src/runtimeConfig.shared.ts index c71ed511359c6..ca7034d73ebd6 100644 --- a/clients/client-timestream-query/src/runtimeConfig.shared.ts +++ b/clients/client-timestream-query/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTimestreamQueryHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TimestreamQueryClientConfig } from "./TimestreamQueryClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TimestreamQueryClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTimestreamQueryHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Timestream Query", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-timestream-query/src/runtimeExtensions.ts b/clients/client-timestream-query/src/runtimeExtensions.ts index bb50f77573f0e..022c12ba6f17f 100644 --- a/clients/client-timestream-query/src/runtimeExtensions.ts +++ b/clients/client-timestream-query/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TimestreamQueryExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-timestream-write/package.json b/clients/client-timestream-write/package.json index 68a9fb06dc004..d3a893522743b 100644 --- a/clients/client-timestream-write/package.json +++ b/clients/client-timestream-write/package.json @@ -27,7 +27,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -35,7 +34,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -54,8 +53,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-timestream-write/src/TimestreamWriteClient.ts b/clients/client-timestream-write/src/TimestreamWriteClient.ts index 12d91ef515abd..ad577b16ac429 100644 --- a/clients/client-timestream-write/src/TimestreamWriteClient.ts +++ b/clients/client-timestream-write/src/TimestreamWriteClient.ts @@ -12,20 +12,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -37,6 +35,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -53,6 +52,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTimestreamWriteHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateBatchLoadTaskCommandInput, CreateBatchLoadTaskCommandOutput, @@ -234,28 +239,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests - */ - region?: string | __Provider; - - /** - * Default credentials provider; Not available in browser runtime. + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header * @internal */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header - * @internal + * The AWS region to which this client will send requests */ - defaultUserAgentProvider?: Provider<__UserAgent>; + region?: string | __Provider; /** - * The provider which populates default for endpointDiscoveryEnabled configuration, if it's - * not passed during client creation. + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - endpointDiscoveryEnabledProvider?: __Provider; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -283,6 +282,13 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ * The {@link @smithy/smithy-client#DefaultsMode} that will be used to determine how certain default configuration options are resolved in the SDK. */ defaultsMode?: __DefaultsMode | __Provider<__DefaultsMode>; + + /** + * The provider which populates default for endpointDiscoveryEnabled configuration, if it's + * not passed during client creation. + * @internal + */ + endpointDiscoveryEnabledProvider?: __Provider; } /** @@ -294,8 +300,8 @@ export type TimestreamWriteClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & EndpointDiscoveryInputConfig & ClientInputEndpointParameters; /** @@ -315,8 +321,8 @@ export type TimestreamWriteClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & EndpointDiscoveryResolvedConfig & ClientResolvedEndpointParameters; /** @@ -360,8 +366,8 @@ export class TimestreamWriteClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveEndpointDiscoveryConfig(_config_7, { endpointDiscoveryCommandCtor: DescribeEndpointsCommand, }); @@ -373,8 +379,14 @@ export class TimestreamWriteClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -385,4 +397,13 @@ export class TimestreamWriteClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTimestreamWriteHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TimestreamWriteClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-timestream-write/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-timestream-write/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..117459ffe1abc --- /dev/null +++ b/clients/client-timestream-write/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TimestreamWriteHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TimestreamWriteHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TimestreamWriteHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TimestreamWriteHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TimestreamWriteHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TimestreamWriteHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-timestream-write/src/auth/httpAuthSchemeProvider.ts b/clients/client-timestream-write/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7a8504ec0e647 --- /dev/null +++ b/clients/client-timestream-write/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TimestreamWriteClientConfig, TimestreamWriteClientResolvedConfig } from "../TimestreamWriteClient"; + +/** + * @internal + */ +export interface TimestreamWriteHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TimestreamWriteHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TimestreamWriteClientResolvedConfig, + HandlerExecutionContext, + TimestreamWriteHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTimestreamWriteHttpAuthSchemeParametersProvider = async ( + config: TimestreamWriteClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TimestreamWriteHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "timestream", + region: authParameters.region, + }, + propertiesExtractor: (config: TimestreamWriteClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TimestreamWriteHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTimestreamWriteHttpAuthSchemeProvider: TimestreamWriteHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TimestreamWriteHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TimestreamWriteHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-timestream-write/src/extensionConfiguration.ts b/clients/client-timestream-write/src/extensionConfiguration.ts index f123fdf91a214..70575bed89990 100644 --- a/clients/client-timestream-write/src/extensionConfiguration.ts +++ b/clients/client-timestream-write/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TimestreamWriteExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-timestream-write/src/runtimeConfig.shared.ts b/clients/client-timestream-write/src/runtimeConfig.shared.ts index b138331fa6f7a..ab702ccc7c54a 100644 --- a/clients/client-timestream-write/src/runtimeConfig.shared.ts +++ b/clients/client-timestream-write/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTimestreamWriteHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TimestreamWriteClientConfig } from "./TimestreamWriteClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TimestreamWriteClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTimestreamWriteHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Timestream Write", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-timestream-write/src/runtimeExtensions.ts b/clients/client-timestream-write/src/runtimeExtensions.ts index ad3ea56b207b9..9ac124545d7b6 100644 --- a/clients/client-timestream-write/src/runtimeExtensions.ts +++ b/clients/client-timestream-write/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TimestreamWriteExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-tnb/package.json b/clients/client-tnb/package.json index b97a70e170fe3..4387faa463f23 100644 --- a/clients/client-tnb/package.json +++ b/clients/client-tnb/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-tnb/src/TnbClient.ts b/clients/client-tnb/src/TnbClient.ts index 20df3aa9cc29b..ab7eaf4aa3e55 100644 --- a/clients/client-tnb/src/TnbClient.ts +++ b/clients/client-tnb/src/TnbClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTnbHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CancelSolNetworkOperationCommandInput, CancelSolNetworkOperationCommandOutput, @@ -348,21 +353,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -401,8 +407,8 @@ export type TnbClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -421,8 +427,8 @@ export type TnbClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -453,8 +459,8 @@ export class TnbClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -463,8 +469,14 @@ export class TnbClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -475,4 +487,13 @@ export class TnbClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTnbHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TnbClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-tnb/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-tnb/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..82fa862275a96 --- /dev/null +++ b/clients/client-tnb/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TnbHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TnbHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TnbHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TnbHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TnbHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TnbHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-tnb/src/auth/httpAuthSchemeProvider.ts b/clients/client-tnb/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..4bf412cbb7c8e --- /dev/null +++ b/clients/client-tnb/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TnbClientConfig, TnbClientResolvedConfig } from "../TnbClient"; + +/** + * @internal + */ +export interface TnbHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TnbHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TnbClientResolvedConfig, + HandlerExecutionContext, + TnbHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTnbHttpAuthSchemeParametersProvider = async ( + config: TnbClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TnbHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "tnb", + region: authParameters.region, + }, + propertiesExtractor: (config: TnbClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TnbHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTnbHttpAuthSchemeProvider: TnbHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TnbHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TnbHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-tnb/src/extensionConfiguration.ts b/clients/client-tnb/src/extensionConfiguration.ts index cbf34d1fb0702..dbc8af0a79c11 100644 --- a/clients/client-tnb/src/extensionConfiguration.ts +++ b/clients/client-tnb/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TnbExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-tnb/src/runtimeConfig.shared.ts b/clients/client-tnb/src/runtimeConfig.shared.ts index 59c2f21fa72ac..5810962ac44a7 100644 --- a/clients/client-tnb/src/runtimeConfig.shared.ts +++ b/clients/client-tnb/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTnbHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TnbClientConfig } from "./TnbClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TnbClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTnbHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "tnb", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-tnb/src/runtimeExtensions.ts b/clients/client-tnb/src/runtimeExtensions.ts index 0d3014f7cb2a9..c53494475a128 100644 --- a/clients/client-tnb/src/runtimeExtensions.ts +++ b/clients/client-tnb/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TnbExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-transcribe-streaming/package.json b/clients/client-transcribe-streaming/package.json index a1b81177da93f..86ead2fe7bdb2 100644 --- a/clients/client-transcribe-streaming/package.json +++ b/clients/client-transcribe-streaming/package.json @@ -39,7 +39,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/eventstream-serde-browser": "^2.1.1", "@smithy/eventstream-serde-config-resolver": "^2.1.1", "@smithy/eventstream-serde-node": "^2.1.1", @@ -61,7 +61,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-transcribe/package.json b/clients/client-transcribe/package.json index bae5a7999145d..b88f9f1112561 100644 --- a/clients/client-transcribe/package.json +++ b/clients/client-transcribe/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-transcribe/src/TranscribeClient.ts b/clients/client-transcribe/src/TranscribeClient.ts index 8adf87d78758c..2a7fe01692070 100644 --- a/clients/client-transcribe/src/TranscribeClient.ts +++ b/clients/client-transcribe/src/TranscribeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTranscribeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateCallAnalyticsCategoryCommandInput, CreateCallAnalyticsCategoryCommandOutput, @@ -390,21 +395,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -443,8 +449,8 @@ export type TranscribeClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -463,8 +469,8 @@ export type TranscribeClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -516,8 +522,8 @@ export class TranscribeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -526,8 +532,14 @@ export class TranscribeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -538,4 +550,13 @@ export class TranscribeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTranscribeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TranscribeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-transcribe/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-transcribe/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4028a2da3422c --- /dev/null +++ b/clients/client-transcribe/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TranscribeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TranscribeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TranscribeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TranscribeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TranscribeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TranscribeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-transcribe/src/auth/httpAuthSchemeProvider.ts b/clients/client-transcribe/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1b89d21c18b1f --- /dev/null +++ b/clients/client-transcribe/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TranscribeClientConfig, TranscribeClientResolvedConfig } from "../TranscribeClient"; + +/** + * @internal + */ +export interface TranscribeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TranscribeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TranscribeClientResolvedConfig, + HandlerExecutionContext, + TranscribeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTranscribeHttpAuthSchemeParametersProvider = async ( + config: TranscribeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TranscribeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "transcribe", + region: authParameters.region, + }, + propertiesExtractor: (config: TranscribeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TranscribeHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTranscribeHttpAuthSchemeProvider: TranscribeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TranscribeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TranscribeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-transcribe/src/extensionConfiguration.ts b/clients/client-transcribe/src/extensionConfiguration.ts index 7bbe699eecfb5..18b97c32d5d2c 100644 --- a/clients/client-transcribe/src/extensionConfiguration.ts +++ b/clients/client-transcribe/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TranscribeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-transcribe/src/runtimeConfig.shared.ts b/clients/client-transcribe/src/runtimeConfig.shared.ts index 1359e80e2490c..50c29caf7add8 100644 --- a/clients/client-transcribe/src/runtimeConfig.shared.ts +++ b/clients/client-transcribe/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTranscribeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TranscribeClientConfig } from "./TranscribeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TranscribeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTranscribeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Transcribe", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-transcribe/src/runtimeExtensions.ts b/clients/client-transcribe/src/runtimeExtensions.ts index 22cb9b7d12dde..1e55eabe30015 100644 --- a/clients/client-transcribe/src/runtimeExtensions.ts +++ b/clients/client-transcribe/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TranscribeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-transfer/package.json b/clients/client-transfer/package.json index 0918530b4d4f9..88ae2d385c421 100644 --- a/clients/client-transfer/package.json +++ b/clients/client-transfer/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "@smithy/util-waiter": "^2.1.1", diff --git a/clients/client-transfer/src/TransferClient.ts b/clients/client-transfer/src/TransferClient.ts index fe2400f3d290b..92aabbecff132 100644 --- a/clients/client-transfer/src/TransferClient.ts +++ b/clients/client-transfer/src/TransferClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTransferHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAccessCommandInput, CreateAccessCommandOutput } from "./commands/CreateAccessCommand"; import { CreateAgreementCommandInput, CreateAgreementCommandOutput } from "./commands/CreateAgreementCommand"; import { CreateConnectorCommandInput, CreateConnectorCommandOutput } from "./commands/CreateConnectorCommand"; @@ -351,21 +356,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -404,8 +410,8 @@ export type TransferClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -424,8 +430,8 @@ export type TransferClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -465,8 +471,8 @@ export class TransferClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -475,8 +481,14 @@ export class TransferClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -487,4 +499,13 @@ export class TransferClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTransferHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TransferClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-transfer/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-transfer/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..3cba952ef5c8e --- /dev/null +++ b/clients/client-transfer/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TransferHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TransferHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TransferHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TransferHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TransferHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TransferHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-transfer/src/auth/httpAuthSchemeProvider.ts b/clients/client-transfer/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..bc32d6b3f4381 --- /dev/null +++ b/clients/client-transfer/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TransferClientConfig, TransferClientResolvedConfig } from "../TransferClient"; + +/** + * @internal + */ +export interface TransferHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TransferHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TransferClientResolvedConfig, + HandlerExecutionContext, + TransferHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTransferHttpAuthSchemeParametersProvider = async ( + config: TransferClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TransferHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "transfer", + region: authParameters.region, + }, + propertiesExtractor: (config: TransferClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TransferHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTransferHttpAuthSchemeProvider: TransferHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TransferHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TransferHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-transfer/src/extensionConfiguration.ts b/clients/client-transfer/src/extensionConfiguration.ts index ef371db3137cc..51d5638e7d69c 100644 --- a/clients/client-transfer/src/extensionConfiguration.ts +++ b/clients/client-transfer/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TransferExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-transfer/src/runtimeConfig.shared.ts b/clients/client-transfer/src/runtimeConfig.shared.ts index 716b2166eee0e..db1c414146765 100644 --- a/clients/client-transfer/src/runtimeConfig.shared.ts +++ b/clients/client-transfer/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTransferHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TransferClientConfig } from "./TransferClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TransferClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTransferHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Transfer", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-transfer/src/runtimeExtensions.ts b/clients/client-transfer/src/runtimeExtensions.ts index 63dcc344a0717..c981e8164d46d 100644 --- a/clients/client-transfer/src/runtimeExtensions.ts +++ b/clients/client-transfer/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TransferExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-translate/package.json b/clients/client-translate/package.json index 24429ff7d1f88..ca7d4dbf0e1ae 100644 --- a/clients/client-translate/package.json +++ b/clients/client-translate/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-translate/src/TranslateClient.ts b/clients/client-translate/src/TranslateClient.ts index 3792c8f34e482..d34d6c46f58d0 100644 --- a/clients/client-translate/src/TranslateClient.ts +++ b/clients/client-translate/src/TranslateClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTranslateHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateParallelDataCommandInput, CreateParallelDataCommandOutput } from "./commands/CreateParallelDataCommand"; import { DeleteParallelDataCommandInput, DeleteParallelDataCommandOutput } from "./commands/DeleteParallelDataCommand"; import { DeleteTerminologyCommandInput, DeleteTerminologyCommandOutput } from "./commands/DeleteTerminologyCommand"; @@ -228,21 +233,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -281,8 +287,8 @@ export type TranslateClientConfigType = Partial<__SmithyConfiguration<__HttpHand EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -301,8 +307,8 @@ export type TranslateClientResolvedConfigType = __SmithyResolvedConfiguration<__ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -333,8 +339,8 @@ export class TranslateClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -343,8 +349,14 @@ export class TranslateClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -355,4 +367,13 @@ export class TranslateClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTranslateHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TranslateClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-translate/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-translate/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..63a9250be9151 --- /dev/null +++ b/clients/client-translate/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TranslateHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TranslateHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TranslateHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TranslateHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TranslateHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TranslateHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-translate/src/auth/httpAuthSchemeProvider.ts b/clients/client-translate/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..69bd13686165f --- /dev/null +++ b/clients/client-translate/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TranslateClientConfig, TranslateClientResolvedConfig } from "../TranslateClient"; + +/** + * @internal + */ +export interface TranslateHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TranslateHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TranslateClientResolvedConfig, + HandlerExecutionContext, + TranslateHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTranslateHttpAuthSchemeParametersProvider = async ( + config: TranslateClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TranslateHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "translate", + region: authParameters.region, + }, + propertiesExtractor: (config: TranslateClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TranslateHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTranslateHttpAuthSchemeProvider: TranslateHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TranslateHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TranslateHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-translate/src/extensionConfiguration.ts b/clients/client-translate/src/extensionConfiguration.ts index bdedb908d54c1..1a4456df41b2a 100644 --- a/clients/client-translate/src/extensionConfiguration.ts +++ b/clients/client-translate/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TranslateExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-translate/src/runtimeConfig.shared.ts b/clients/client-translate/src/runtimeConfig.shared.ts index 179149ed5d153..6326baba1d186 100644 --- a/clients/client-translate/src/runtimeConfig.shared.ts +++ b/clients/client-translate/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTranslateHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TranslateClientConfig } from "./TranslateClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TranslateClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTranslateHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Translate", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-translate/src/runtimeExtensions.ts b/clients/client-translate/src/runtimeExtensions.ts index cb14795a6fd8e..8c9a72dff7091 100644 --- a/clients/client-translate/src/runtimeExtensions.ts +++ b/clients/client-translate/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TranslateExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-trustedadvisor/package.json b/clients/client-trustedadvisor/package.json index 906c682d4e02c..3cf92fbfd5b3e 100644 --- a/clients/client-trustedadvisor/package.json +++ b/clients/client-trustedadvisor/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-trustedadvisor/src/TrustedAdvisorClient.ts b/clients/client-trustedadvisor/src/TrustedAdvisorClient.ts index e2ae2e15f7510..b1abaec55784d 100644 --- a/clients/client-trustedadvisor/src/TrustedAdvisorClient.ts +++ b/clients/client-trustedadvisor/src/TrustedAdvisorClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultTrustedAdvisorHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetOrganizationRecommendationCommandInput, GetOrganizationRecommendationCommandOutput, @@ -210,21 +215,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -263,8 +269,8 @@ export type TrustedAdvisorClientConfigType = Partial<__SmithyConfiguration<__Htt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -283,8 +289,8 @@ export type TrustedAdvisorClientResolvedConfigType = __SmithyResolvedConfigurati EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -315,8 +321,8 @@ export class TrustedAdvisorClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -325,8 +331,14 @@ export class TrustedAdvisorClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -337,4 +349,13 @@ export class TrustedAdvisorClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultTrustedAdvisorHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: TrustedAdvisorClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-trustedadvisor/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-trustedadvisor/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c55cdfe4ec8f6 --- /dev/null +++ b/clients/client-trustedadvisor/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { TrustedAdvisorHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TrustedAdvisorHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): TrustedAdvisorHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: TrustedAdvisorHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: TrustedAdvisorHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): TrustedAdvisorHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-trustedadvisor/src/auth/httpAuthSchemeProvider.ts b/clients/client-trustedadvisor/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..1182cb8792a84 --- /dev/null +++ b/clients/client-trustedadvisor/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { TrustedAdvisorClientConfig, TrustedAdvisorClientResolvedConfig } from "../TrustedAdvisorClient"; + +/** + * @internal + */ +export interface TrustedAdvisorHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface TrustedAdvisorHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + TrustedAdvisorClientResolvedConfig, + HandlerExecutionContext, + TrustedAdvisorHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultTrustedAdvisorHttpAuthSchemeParametersProvider = async ( + config: TrustedAdvisorClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: TrustedAdvisorHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "trustedadvisor", + region: authParameters.region, + }, + propertiesExtractor: (config: TrustedAdvisorClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface TrustedAdvisorHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultTrustedAdvisorHttpAuthSchemeProvider: TrustedAdvisorHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: TrustedAdvisorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: TrustedAdvisorHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-trustedadvisor/src/extensionConfiguration.ts b/clients/client-trustedadvisor/src/extensionConfiguration.ts index 6ed2817be8b9d..e55269e41e37d 100644 --- a/clients/client-trustedadvisor/src/extensionConfiguration.ts +++ b/clients/client-trustedadvisor/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface TrustedAdvisorExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-trustedadvisor/src/runtimeConfig.shared.ts b/clients/client-trustedadvisor/src/runtimeConfig.shared.ts index e7fda821f4334..98cb5ded9f943 100644 --- a/clients/client-trustedadvisor/src/runtimeConfig.shared.ts +++ b/clients/client-trustedadvisor/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultTrustedAdvisorHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { TrustedAdvisorClientConfig } from "./TrustedAdvisorClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: TrustedAdvisorClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultTrustedAdvisorHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "TrustedAdvisor", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-trustedadvisor/src/runtimeExtensions.ts b/clients/client-trustedadvisor/src/runtimeExtensions.ts index 5e5075eec0247..1374e3325250a 100644 --- a/clients/client-trustedadvisor/src/runtimeExtensions.ts +++ b/clients/client-trustedadvisor/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { TrustedAdvisorExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-verifiedpermissions/package.json b/clients/client-verifiedpermissions/package.json index 9ea496465b356..2615693c540bd 100644 --- a/clients/client-verifiedpermissions/package.json +++ b/clients/client-verifiedpermissions/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-verifiedpermissions/src/VerifiedPermissionsClient.ts b/clients/client-verifiedpermissions/src/VerifiedPermissionsClient.ts index 7062dcf953788..6e39b0b67bcbe 100644 --- a/clients/client-verifiedpermissions/src/VerifiedPermissionsClient.ts +++ b/clients/client-verifiedpermissions/src/VerifiedPermissionsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultVerifiedPermissionsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchIsAuthorizedCommandInput, BatchIsAuthorizedCommandOutput } from "./commands/BatchIsAuthorizedCommand"; import { CreateIdentitySourceCommandInput, @@ -258,21 +263,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -311,8 +317,8 @@ export type VerifiedPermissionsClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -331,8 +337,8 @@ export type VerifiedPermissionsClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -427,8 +433,8 @@ export class VerifiedPermissionsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -437,8 +443,14 @@ export class VerifiedPermissionsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -449,4 +461,13 @@ export class VerifiedPermissionsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultVerifiedPermissionsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: VerifiedPermissionsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-verifiedpermissions/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-verifiedpermissions/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..59a2f8fc91dae --- /dev/null +++ b/clients/client-verifiedpermissions/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { VerifiedPermissionsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VerifiedPermissionsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): VerifiedPermissionsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: VerifiedPermissionsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VerifiedPermissionsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): VerifiedPermissionsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-verifiedpermissions/src/auth/httpAuthSchemeProvider.ts b/clients/client-verifiedpermissions/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..b69fd74c04a18 --- /dev/null +++ b/clients/client-verifiedpermissions/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { VerifiedPermissionsClientConfig, VerifiedPermissionsClientResolvedConfig } from "../VerifiedPermissionsClient"; + +/** + * @internal + */ +export interface VerifiedPermissionsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface VerifiedPermissionsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + VerifiedPermissionsClientResolvedConfig, + HandlerExecutionContext, + VerifiedPermissionsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultVerifiedPermissionsHttpAuthSchemeParametersProvider = async ( + config: VerifiedPermissionsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: VerifiedPermissionsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "verifiedpermissions", + region: authParameters.region, + }, + propertiesExtractor: (config: VerifiedPermissionsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface VerifiedPermissionsHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultVerifiedPermissionsHttpAuthSchemeProvider: VerifiedPermissionsHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: VerifiedPermissionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: VerifiedPermissionsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-verifiedpermissions/src/extensionConfiguration.ts b/clients/client-verifiedpermissions/src/extensionConfiguration.ts index 4067270fcc510..a009c595b1258 100644 --- a/clients/client-verifiedpermissions/src/extensionConfiguration.ts +++ b/clients/client-verifiedpermissions/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface VerifiedPermissionsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-verifiedpermissions/src/runtimeConfig.shared.ts b/clients/client-verifiedpermissions/src/runtimeConfig.shared.ts index 619522994dec4..e392d35f2252f 100644 --- a/clients/client-verifiedpermissions/src/runtimeConfig.shared.ts +++ b/clients/client-verifiedpermissions/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultVerifiedPermissionsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { VerifiedPermissionsClientConfig } from "./VerifiedPermissionsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: VerifiedPermissionsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultVerifiedPermissionsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "VerifiedPermissions", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-verifiedpermissions/src/runtimeExtensions.ts b/clients/client-verifiedpermissions/src/runtimeExtensions.ts index 1fb40b3a8d0c4..611eb14c1e08a 100644 --- a/clients/client-verifiedpermissions/src/runtimeExtensions.ts +++ b/clients/client-verifiedpermissions/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { VerifiedPermissionsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-voice-id/package.json b/clients/client-voice-id/package.json index 2fb8e25269a30..008d3a2b68925 100644 --- a/clients/client-voice-id/package.json +++ b/clients/client-voice-id/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-voice-id/src/VoiceIDClient.ts b/clients/client-voice-id/src/VoiceIDClient.ts index 2bb1386df438b..965e11af948ed 100644 --- a/clients/client-voice-id/src/VoiceIDClient.ts +++ b/clients/client-voice-id/src/VoiceIDClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultVoiceIDHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateFraudsterCommandInput, AssociateFraudsterCommandOutput } from "./commands/AssociateFraudsterCommand"; import { CreateDomainCommandInput, CreateDomainCommandOutput } from "./commands/CreateDomainCommand"; import { CreateWatchlistCommandInput, CreateWatchlistCommandOutput } from "./commands/CreateWatchlistCommand"; @@ -267,21 +272,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -320,8 +326,8 @@ export type VoiceIDClientConfigType = Partial<__SmithyConfiguration<__HttpHandle EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -340,8 +346,8 @@ export type VoiceIDClientResolvedConfigType = __SmithyResolvedConfiguration<__Ht EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -373,8 +379,8 @@ export class VoiceIDClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -383,8 +389,14 @@ export class VoiceIDClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -395,4 +407,13 @@ export class VoiceIDClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultVoiceIDHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: VoiceIDClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-voice-id/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-voice-id/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..24547286270ea --- /dev/null +++ b/clients/client-voice-id/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { VoiceIDHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VoiceIDHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): VoiceIDHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: VoiceIDHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VoiceIDHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): VoiceIDHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-voice-id/src/auth/httpAuthSchemeProvider.ts b/clients/client-voice-id/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..ae6efcb744c6b --- /dev/null +++ b/clients/client-voice-id/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { VoiceIDClientConfig, VoiceIDClientResolvedConfig } from "../VoiceIDClient"; + +/** + * @internal + */ +export interface VoiceIDHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface VoiceIDHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + VoiceIDClientResolvedConfig, + HandlerExecutionContext, + VoiceIDHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultVoiceIDHttpAuthSchemeParametersProvider = async ( + config: VoiceIDClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: VoiceIDHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "voiceid", + region: authParameters.region, + }, + propertiesExtractor: (config: VoiceIDClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface VoiceIDHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultVoiceIDHttpAuthSchemeProvider: VoiceIDHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: VoiceIDHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: VoiceIDHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-voice-id/src/extensionConfiguration.ts b/clients/client-voice-id/src/extensionConfiguration.ts index b2b2d3691cb68..c3b3f61e2cc8b 100644 --- a/clients/client-voice-id/src/extensionConfiguration.ts +++ b/clients/client-voice-id/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface VoiceIDExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-voice-id/src/runtimeConfig.shared.ts b/clients/client-voice-id/src/runtimeConfig.shared.ts index 25fb627a2c92b..517a4fa39f3ff 100644 --- a/clients/client-voice-id/src/runtimeConfig.shared.ts +++ b/clients/client-voice-id/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultVoiceIDHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { VoiceIDClientConfig } from "./VoiceIDClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: VoiceIDClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultVoiceIDHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Voice ID", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-voice-id/src/runtimeExtensions.ts b/clients/client-voice-id/src/runtimeExtensions.ts index 67503be52fafa..eaa43d2ad24cd 100644 --- a/clients/client-voice-id/src/runtimeExtensions.ts +++ b/clients/client-voice-id/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { VoiceIDExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-vpc-lattice/package.json b/clients/client-vpc-lattice/package.json index 5a76c63feda46..909dd5dc540d2 100644 --- a/clients/client-vpc-lattice/package.json +++ b/clients/client-vpc-lattice/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-vpc-lattice/src/VPCLatticeClient.ts b/clients/client-vpc-lattice/src/VPCLatticeClient.ts index 448dab42f74e9..d9abedef2a8cb 100644 --- a/clients/client-vpc-lattice/src/VPCLatticeClient.ts +++ b/clients/client-vpc-lattice/src/VPCLatticeClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultVPCLatticeHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchUpdateRuleCommandInput, BatchUpdateRuleCommandOutput } from "./commands/BatchUpdateRuleCommand"; import { CreateAccessLogSubscriptionCommandInput, @@ -372,21 +377,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -425,8 +431,8 @@ export type VPCLatticeClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -445,8 +451,8 @@ export type VPCLatticeClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -481,8 +487,8 @@ export class VPCLatticeClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -491,8 +497,14 @@ export class VPCLatticeClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -503,4 +515,13 @@ export class VPCLatticeClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultVPCLatticeHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: VPCLatticeClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-vpc-lattice/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-vpc-lattice/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..41750e07b5ea0 --- /dev/null +++ b/clients/client-vpc-lattice/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { VPCLatticeHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VPCLatticeHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): VPCLatticeHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: VPCLatticeHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: VPCLatticeHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): VPCLatticeHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-vpc-lattice/src/auth/httpAuthSchemeProvider.ts b/clients/client-vpc-lattice/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..0e24f0158a971 --- /dev/null +++ b/clients/client-vpc-lattice/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { VPCLatticeClientConfig, VPCLatticeClientResolvedConfig } from "../VPCLatticeClient"; + +/** + * @internal + */ +export interface VPCLatticeHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface VPCLatticeHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + VPCLatticeClientResolvedConfig, + HandlerExecutionContext, + VPCLatticeHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultVPCLatticeHttpAuthSchemeParametersProvider = async ( + config: VPCLatticeClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: VPCLatticeHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "vpc-lattice", + region: authParameters.region, + }, + propertiesExtractor: (config: VPCLatticeClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface VPCLatticeHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultVPCLatticeHttpAuthSchemeProvider: VPCLatticeHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: VPCLatticeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: VPCLatticeHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-vpc-lattice/src/extensionConfiguration.ts b/clients/client-vpc-lattice/src/extensionConfiguration.ts index 8a56f2d40787f..de88466329427 100644 --- a/clients/client-vpc-lattice/src/extensionConfiguration.ts +++ b/clients/client-vpc-lattice/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface VPCLatticeExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-vpc-lattice/src/runtimeConfig.shared.ts b/clients/client-vpc-lattice/src/runtimeConfig.shared.ts index 37402cc86e337..0602ac02f12f2 100644 --- a/clients/client-vpc-lattice/src/runtimeConfig.shared.ts +++ b/clients/client-vpc-lattice/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultVPCLatticeHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { VPCLatticeClientConfig } from "./VPCLatticeClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: VPCLatticeClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultVPCLatticeHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "VPC Lattice", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-vpc-lattice/src/runtimeExtensions.ts b/clients/client-vpc-lattice/src/runtimeExtensions.ts index 35e0236522514..81838df103ded 100644 --- a/clients/client-vpc-lattice/src/runtimeExtensions.ts +++ b/clients/client-vpc-lattice/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { VPCLatticeExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-waf-regional/package.json b/clients/client-waf-regional/package.json index 52a7d08a10270..2e5cdb1b05bc9 100644 --- a/clients/client-waf-regional/package.json +++ b/clients/client-waf-regional/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-waf-regional/src/WAFRegionalClient.ts b/clients/client-waf-regional/src/WAFRegionalClient.ts index 986fd54350496..72359fcb58fcf 100644 --- a/clients/client-waf-regional/src/WAFRegionalClient.ts +++ b/clients/client-waf-regional/src/WAFRegionalClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWAFRegionalHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateWebACLCommandInput, AssociateWebACLCommandOutput } from "./commands/AssociateWebACLCommand"; import { CreateByteMatchSetCommandInput, CreateByteMatchSetCommandOutput } from "./commands/CreateByteMatchSetCommand"; import { CreateGeoMatchSetCommandInput, CreateGeoMatchSetCommandOutput } from "./commands/CreateGeoMatchSetCommand"; @@ -504,21 +509,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -557,8 +563,8 @@ export type WAFRegionalClientConfigType = Partial<__SmithyConfiguration<__HttpHa EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -577,8 +583,8 @@ export type WAFRegionalClientResolvedConfigType = __SmithyResolvedConfiguration< EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -619,8 +625,8 @@ export class WAFRegionalClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -629,8 +635,14 @@ export class WAFRegionalClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -641,4 +653,13 @@ export class WAFRegionalClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWAFRegionalHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WAFRegionalClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-waf-regional/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-waf-regional/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4e8d6f94c623a --- /dev/null +++ b/clients/client-waf-regional/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WAFRegionalHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFRegionalHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WAFRegionalHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WAFRegionalHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFRegionalHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WAFRegionalHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-waf-regional/src/auth/httpAuthSchemeProvider.ts b/clients/client-waf-regional/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..c65dd7dcbe998 --- /dev/null +++ b/clients/client-waf-regional/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WAFRegionalClientConfig, WAFRegionalClientResolvedConfig } from "../WAFRegionalClient"; + +/** + * @internal + */ +export interface WAFRegionalHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WAFRegionalHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WAFRegionalClientResolvedConfig, + HandlerExecutionContext, + WAFRegionalHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWAFRegionalHttpAuthSchemeParametersProvider = async ( + config: WAFRegionalClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WAFRegionalHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "waf-regional", + region: authParameters.region, + }, + propertiesExtractor: (config: WAFRegionalClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WAFRegionalHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWAFRegionalHttpAuthSchemeProvider: WAFRegionalHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WAFRegionalHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WAFRegionalHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-waf-regional/src/extensionConfiguration.ts b/clients/client-waf-regional/src/extensionConfiguration.ts index 104542e11d434..209fd18a985de 100644 --- a/clients/client-waf-regional/src/extensionConfiguration.ts +++ b/clients/client-waf-regional/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WAFRegionalExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-waf-regional/src/runtimeConfig.shared.ts b/clients/client-waf-regional/src/runtimeConfig.shared.ts index a95cf43613ab9..8d4f96201d766 100644 --- a/clients/client-waf-regional/src/runtimeConfig.shared.ts +++ b/clients/client-waf-regional/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWAFRegionalHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WAFRegionalClientConfig } from "./WAFRegionalClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WAFRegionalClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWAFRegionalHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WAF Regional", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-waf-regional/src/runtimeExtensions.ts b/clients/client-waf-regional/src/runtimeExtensions.ts index 4f2954c830aea..690f60a78b908 100644 --- a/clients/client-waf-regional/src/runtimeExtensions.ts +++ b/clients/client-waf-regional/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WAFRegionalExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-waf/package.json b/clients/client-waf/package.json index 83e0aa1849a63..5f8b03ad8a728 100644 --- a/clients/client-waf/package.json +++ b/clients/client-waf/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-waf/src/WAFClient.ts b/clients/client-waf/src/WAFClient.ts index 4ea14de355626..566a4ded838b8 100644 --- a/clients/client-waf/src/WAFClient.ts +++ b/clients/client-waf/src/WAFClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWAFHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateByteMatchSetCommandInput, CreateByteMatchSetCommandOutput } from "./commands/CreateByteMatchSetCommand"; import { CreateGeoMatchSetCommandInput, CreateGeoMatchSetCommandOutput } from "./commands/CreateGeoMatchSetCommand"; import { CreateIPSetCommandInput, CreateIPSetCommandOutput } from "./commands/CreateIPSetCommand"; @@ -486,21 +491,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -539,8 +545,8 @@ export type WAFClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOpt EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -559,8 +565,8 @@ export type WAFClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHa EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -601,8 +607,8 @@ export class WAFClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -611,8 +617,14 @@ export class WAFClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -623,4 +635,13 @@ export class WAFClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWAFHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WAFClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-waf/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-waf/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..ad6f3a5352a45 --- /dev/null +++ b/clients/client-waf/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WAFHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WAFHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WAFHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WAFHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-waf/src/auth/httpAuthSchemeProvider.ts b/clients/client-waf/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..40c7b248039cf --- /dev/null +++ b/clients/client-waf/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WAFClientConfig, WAFClientResolvedConfig } from "../WAFClient"; + +/** + * @internal + */ +export interface WAFHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WAFHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WAFClientResolvedConfig, + HandlerExecutionContext, + WAFHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWAFHttpAuthSchemeParametersProvider = async ( + config: WAFClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WAFHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "waf", + region: authParameters.region, + }, + propertiesExtractor: (config: WAFClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WAFHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWAFHttpAuthSchemeProvider: WAFHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WAFHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WAFHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-waf/src/extensionConfiguration.ts b/clients/client-waf/src/extensionConfiguration.ts index c64f08139683b..289ad4771b276 100644 --- a/clients/client-waf/src/extensionConfiguration.ts +++ b/clients/client-waf/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WAFExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-waf/src/runtimeConfig.shared.ts b/clients/client-waf/src/runtimeConfig.shared.ts index 70ead4efa864d..9afc84aec922f 100644 --- a/clients/client-waf/src/runtimeConfig.shared.ts +++ b/clients/client-waf/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWAFHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WAFClientConfig } from "./WAFClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WAFClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWAFHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WAF", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-waf/src/runtimeExtensions.ts b/clients/client-waf/src/runtimeExtensions.ts index d463e93a02944..9dd9bbbd91745 100644 --- a/clients/client-waf/src/runtimeExtensions.ts +++ b/clients/client-waf/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WAFExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-wafv2/package.json b/clients/client-wafv2/package.json index e97b8cea10cfa..825e6b79b8ba6 100644 --- a/clients/client-wafv2/package.json +++ b/clients/client-wafv2/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,6 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -52,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-wafv2/src/WAFV2Client.ts b/clients/client-wafv2/src/WAFV2Client.ts index b5c40752353d1..751f314c00dbc 100644 --- a/clients/client-wafv2/src/WAFV2Client.ts +++ b/clients/client-wafv2/src/WAFV2Client.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWAFV2HttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateWebACLCommandInput, AssociateWebACLCommandOutput } from "./commands/AssociateWebACLCommand"; import { CheckCapacityCommandInput, CheckCapacityCommandOutput } from "./commands/CheckCapacityCommand"; import { CreateAPIKeyCommandInput, CreateAPIKeyCommandOutput } from "./commands/CreateAPIKeyCommand"; @@ -399,21 +404,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -452,8 +458,8 @@ export type WAFV2ClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerO EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -472,8 +478,8 @@ export type WAFV2ClientResolvedConfigType = __SmithyResolvedConfiguration<__Http EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -561,8 +567,8 @@ export class WAFV2Client extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -571,8 +577,14 @@ export class WAFV2Client extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -583,4 +595,13 @@ export class WAFV2Client extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWAFV2HttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WAFV2ClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-wafv2/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-wafv2/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..eea232e2d142f --- /dev/null +++ b/clients/client-wafv2/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WAFV2HttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFV2HttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WAFV2HttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WAFV2HttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WAFV2HttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WAFV2HttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-wafv2/src/auth/httpAuthSchemeProvider.ts b/clients/client-wafv2/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e17d24c9cac06 --- /dev/null +++ b/clients/client-wafv2/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WAFV2ClientConfig, WAFV2ClientResolvedConfig } from "../WAFV2Client"; + +/** + * @internal + */ +export interface WAFV2HttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WAFV2HttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WAFV2ClientResolvedConfig, + HandlerExecutionContext, + WAFV2HttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWAFV2HttpAuthSchemeParametersProvider = async ( + config: WAFV2ClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WAFV2HttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "wafv2", + region: authParameters.region, + }, + propertiesExtractor: (config: WAFV2ClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WAFV2HttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWAFV2HttpAuthSchemeProvider: WAFV2HttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WAFV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WAFV2HttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-wafv2/src/extensionConfiguration.ts b/clients/client-wafv2/src/extensionConfiguration.ts index 6c7d594e57c33..5ed3971376701 100644 --- a/clients/client-wafv2/src/extensionConfiguration.ts +++ b/clients/client-wafv2/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WAFV2ExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-wafv2/src/runtimeConfig.shared.ts b/clients/client-wafv2/src/runtimeConfig.shared.ts index 8288a391d743a..b94bd41b0f8ca 100644 --- a/clients/client-wafv2/src/runtimeConfig.shared.ts +++ b/clients/client-wafv2/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWAFV2HttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WAFV2ClientConfig } from "./WAFV2Client"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WAFV2ClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWAFV2HttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WAFV2", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-wafv2/src/runtimeExtensions.ts b/clients/client-wafv2/src/runtimeExtensions.ts index ef217f8c9c34b..802560084b18d 100644 --- a/clients/client-wafv2/src/runtimeExtensions.ts +++ b/clients/client-wafv2/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WAFV2ExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-wellarchitected/package.json b/clients/client-wellarchitected/package.json index b911c497de220..dccaf20667baa 100644 --- a/clients/client-wellarchitected/package.json +++ b/clients/client-wellarchitected/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-wellarchitected/src/WellArchitectedClient.ts b/clients/client-wellarchitected/src/WellArchitectedClient.ts index 204bc5a386321..b057d5afe9f85 100644 --- a/clients/client-wellarchitected/src/WellArchitectedClient.ts +++ b/clients/client-wellarchitected/src/WellArchitectedClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWellArchitectedHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateLensesCommandInput, AssociateLensesCommandOutput } from "./commands/AssociateLensesCommand"; import { AssociateProfilesCommandInput, AssociateProfilesCommandOutput } from "./commands/AssociateProfilesCommand"; import { CreateLensShareCommandInput, CreateLensShareCommandOutput } from "./commands/CreateLensShareCommand"; @@ -444,21 +449,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -497,8 +503,8 @@ export type WellArchitectedClientConfigType = Partial<__SmithyConfiguration<__Ht EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -517,8 +523,8 @@ export type WellArchitectedClientResolvedConfigType = __SmithyResolvedConfigurat EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -554,8 +560,8 @@ export class WellArchitectedClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -564,8 +570,14 @@ export class WellArchitectedClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -576,4 +588,13 @@ export class WellArchitectedClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWellArchitectedHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WellArchitectedClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-wellarchitected/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-wellarchitected/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..f1bbfa1c35f75 --- /dev/null +++ b/clients/client-wellarchitected/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WellArchitectedHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WellArchitectedHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WellArchitectedHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WellArchitectedHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WellArchitectedHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WellArchitectedHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-wellarchitected/src/auth/httpAuthSchemeProvider.ts b/clients/client-wellarchitected/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..5e1ea288da447 --- /dev/null +++ b/clients/client-wellarchitected/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WellArchitectedClientConfig, WellArchitectedClientResolvedConfig } from "../WellArchitectedClient"; + +/** + * @internal + */ +export interface WellArchitectedHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WellArchitectedHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WellArchitectedClientResolvedConfig, + HandlerExecutionContext, + WellArchitectedHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWellArchitectedHttpAuthSchemeParametersProvider = async ( + config: WellArchitectedClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WellArchitectedHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "wellarchitected", + region: authParameters.region, + }, + propertiesExtractor: (config: WellArchitectedClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WellArchitectedHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWellArchitectedHttpAuthSchemeProvider: WellArchitectedHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WellArchitectedHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WellArchitectedHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-wellarchitected/src/extensionConfiguration.ts b/clients/client-wellarchitected/src/extensionConfiguration.ts index c9d257c4bb42c..f472dfd31e075 100644 --- a/clients/client-wellarchitected/src/extensionConfiguration.ts +++ b/clients/client-wellarchitected/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WellArchitectedExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-wellarchitected/src/runtimeConfig.shared.ts b/clients/client-wellarchitected/src/runtimeConfig.shared.ts index 4bee9488f65f9..b16431ca8e45d 100644 --- a/clients/client-wellarchitected/src/runtimeConfig.shared.ts +++ b/clients/client-wellarchitected/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWellArchitectedHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WellArchitectedClientConfig } from "./WellArchitectedClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WellArchitectedClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWellArchitectedHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WellArchitected", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-wellarchitected/src/runtimeExtensions.ts b/clients/client-wellarchitected/src/runtimeExtensions.ts index 36140f41625a4..870605c117127 100644 --- a/clients/client-wellarchitected/src/runtimeExtensions.ts +++ b/clients/client-wellarchitected/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WellArchitectedExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-wisdom/package.json b/clients/client-wisdom/package.json index 56d96f0fbf3b8..21ebf3841503c 100644 --- a/clients/client-wisdom/package.json +++ b/clients/client-wisdom/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-wisdom/src/WisdomClient.ts b/clients/client-wisdom/src/WisdomClient.ts index 7cb216db37674..3aabb8c82ad83 100644 --- a/clients/client-wisdom/src/WisdomClient.ts +++ b/clients/client-wisdom/src/WisdomClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWisdomHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateAssistantAssociationCommandInput, CreateAssistantAssociationCommandOutput, @@ -321,21 +326,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -374,8 +380,8 @@ export type WisdomClientConfigType = Partial<__SmithyConfiguration<__HttpHandler EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -394,8 +400,8 @@ export type WisdomClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -429,8 +435,8 @@ export class WisdomClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -439,8 +445,14 @@ export class WisdomClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -451,4 +463,13 @@ export class WisdomClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWisdomHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WisdomClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-wisdom/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-wisdom/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..d6b71fa91cef3 --- /dev/null +++ b/clients/client-wisdom/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WisdomHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WisdomHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WisdomHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WisdomHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WisdomHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WisdomHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-wisdom/src/auth/httpAuthSchemeProvider.ts b/clients/client-wisdom/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..cab97f415d3ff --- /dev/null +++ b/clients/client-wisdom/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WisdomClientConfig, WisdomClientResolvedConfig } from "../WisdomClient"; + +/** + * @internal + */ +export interface WisdomHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WisdomHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WisdomClientResolvedConfig, + HandlerExecutionContext, + WisdomHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWisdomHttpAuthSchemeParametersProvider = async ( + config: WisdomClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WisdomHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "wisdom", + region: authParameters.region, + }, + propertiesExtractor: (config: WisdomClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WisdomHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWisdomHttpAuthSchemeProvider: WisdomHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WisdomHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WisdomHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-wisdom/src/extensionConfiguration.ts b/clients/client-wisdom/src/extensionConfiguration.ts index 50d7a9cb646ba..eec6d57b4ed59 100644 --- a/clients/client-wisdom/src/extensionConfiguration.ts +++ b/clients/client-wisdom/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WisdomExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-wisdom/src/runtimeConfig.shared.ts b/clients/client-wisdom/src/runtimeConfig.shared.ts index 83b2de9309bb1..4b76ecbf596a5 100644 --- a/clients/client-wisdom/src/runtimeConfig.shared.ts +++ b/clients/client-wisdom/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWisdomHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WisdomClientConfig } from "./WisdomClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WisdomClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWisdomHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "Wisdom", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-wisdom/src/runtimeExtensions.ts b/clients/client-wisdom/src/runtimeExtensions.ts index bde4a4ba0130a..3390064becc0a 100644 --- a/clients/client-wisdom/src/runtimeExtensions.ts +++ b/clients/client-wisdom/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WisdomExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workdocs/package.json b/clients/client-workdocs/package.json index c40e61783ba8e..f21e6db5d861d 100644 --- a/clients/client-workdocs/package.json +++ b/clients/client-workdocs/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-workdocs/src/WorkDocsClient.ts b/clients/client-workdocs/src/WorkDocsClient.ts index 5d11e7c25ab87..70c0fe252f2b6 100644 --- a/clients/client-workdocs/src/WorkDocsClient.ts +++ b/clients/client-workdocs/src/WorkDocsClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkDocsHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AbortDocumentVersionUploadCommandInput, AbortDocumentVersionUploadCommandOutput, @@ -342,21 +347,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -395,8 +401,8 @@ export type WorkDocsClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -415,8 +421,8 @@ export type WorkDocsClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -505,8 +511,8 @@ export class WorkDocsClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -515,8 +521,14 @@ export class WorkDocsClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -527,4 +539,13 @@ export class WorkDocsClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkDocsHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkDocsClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workdocs/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workdocs/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..e25ddd7bb99c8 --- /dev/null +++ b/clients/client-workdocs/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkDocsHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkDocsHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkDocsHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkDocsHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkDocsHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkDocsHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workdocs/src/auth/httpAuthSchemeProvider.ts b/clients/client-workdocs/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..e32890f21d0f9 --- /dev/null +++ b/clients/client-workdocs/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkDocsClientConfig, WorkDocsClientResolvedConfig } from "../WorkDocsClient"; + +/** + * @internal + */ +export interface WorkDocsHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkDocsHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkDocsClientResolvedConfig, + HandlerExecutionContext, + WorkDocsHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkDocsHttpAuthSchemeParametersProvider = async ( + config: WorkDocsClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkDocsHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "workdocs", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkDocsClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkDocsHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkDocsHttpAuthSchemeProvider: WorkDocsHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkDocsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkDocsHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workdocs/src/extensionConfiguration.ts b/clients/client-workdocs/src/extensionConfiguration.ts index 82e84c8c38cdb..26b6c739f7a69 100644 --- a/clients/client-workdocs/src/extensionConfiguration.ts +++ b/clients/client-workdocs/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkDocsExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workdocs/src/runtimeConfig.shared.ts b/clients/client-workdocs/src/runtimeConfig.shared.ts index 44e39e7f11507..0dc3dfb0ce4df 100644 --- a/clients/client-workdocs/src/runtimeConfig.shared.ts +++ b/clients/client-workdocs/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkDocsHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkDocsClientConfig } from "./WorkDocsClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkDocsClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkDocsHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkDocs", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-workdocs/src/runtimeExtensions.ts b/clients/client-workdocs/src/runtimeExtensions.ts index f0025574cb8c3..854c356d9eb44 100644 --- a/clients/client-workdocs/src/runtimeExtensions.ts +++ b/clients/client-workdocs/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkDocsExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-worklink/package.json b/clients/client-worklink/package.json index cf42b68ff9ccb..4b1520defa3c9 100644 --- a/clients/client-worklink/package.json +++ b/clients/client-worklink/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-worklink/src/WorkLinkClient.ts b/clients/client-worklink/src/WorkLinkClient.ts index 9b406d3d327f4..f526e28592b6e 100644 --- a/clients/client-worklink/src/WorkLinkClient.ts +++ b/clients/client-worklink/src/WorkLinkClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkLinkHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateDomainCommandInput, AssociateDomainCommandOutput } from "./commands/AssociateDomainCommand"; import { AssociateWebsiteAuthorizationProviderCommandInput, @@ -315,21 +320,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -368,8 +374,8 @@ export type WorkLinkClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -388,8 +394,8 @@ export type WorkLinkClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -426,8 +432,8 @@ export class WorkLinkClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -436,8 +442,14 @@ export class WorkLinkClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -448,4 +460,13 @@ export class WorkLinkClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkLinkHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkLinkClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-worklink/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-worklink/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..b5657bcd43b52 --- /dev/null +++ b/clients/client-worklink/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkLinkHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkLinkHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkLinkHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkLinkHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkLinkHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkLinkHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-worklink/src/auth/httpAuthSchemeProvider.ts b/clients/client-worklink/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..a9431547fbdac --- /dev/null +++ b/clients/client-worklink/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkLinkClientConfig, WorkLinkClientResolvedConfig } from "../WorkLinkClient"; + +/** + * @internal + */ +export interface WorkLinkHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkLinkHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkLinkClientResolvedConfig, + HandlerExecutionContext, + WorkLinkHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkLinkHttpAuthSchemeParametersProvider = async ( + config: WorkLinkClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkLinkHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "worklink", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkLinkClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkLinkHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkLinkHttpAuthSchemeProvider: WorkLinkHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkLinkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkLinkHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-worklink/src/extensionConfiguration.ts b/clients/client-worklink/src/extensionConfiguration.ts index ce467e7585f9e..88a9fe5dc54c2 100644 --- a/clients/client-worklink/src/extensionConfiguration.ts +++ b/clients/client-worklink/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkLinkExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-worklink/src/runtimeConfig.shared.ts b/clients/client-worklink/src/runtimeConfig.shared.ts index 01f60c677767c..93c9d1dd18508 100644 --- a/clients/client-worklink/src/runtimeConfig.shared.ts +++ b/clients/client-worklink/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkLinkHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkLinkClientConfig } from "./WorkLinkClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkLinkClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkLinkHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkLink", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-worklink/src/runtimeExtensions.ts b/clients/client-worklink/src/runtimeExtensions.ts index 524b77301acd2..83b592c1f2cb3 100644 --- a/clients/client-worklink/src/runtimeExtensions.ts +++ b/clients/client-worklink/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkLinkExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workmail/package.json b/clients/client-workmail/package.json index 56a75999450c3..0b3c1afc89692 100644 --- a/clients/client-workmail/package.json +++ b/clients/client-workmail/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-workmail/src/WorkMailClient.ts b/clients/client-workmail/src/WorkMailClient.ts index a95b234b4d7d0..1119bbf05e0ce 100644 --- a/clients/client-workmail/src/WorkMailClient.ts +++ b/clients/client-workmail/src/WorkMailClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkMailHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateDelegateToResourceCommandInput, AssociateDelegateToResourceCommandOutput, @@ -561,21 +566,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -614,8 +620,8 @@ export type WorkMailClientConfigType = Partial<__SmithyConfiguration<__HttpHandl EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -634,8 +640,8 @@ export type WorkMailClientResolvedConfigType = __SmithyResolvedConfiguration<__H EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -701,8 +707,8 @@ export class WorkMailClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -711,8 +717,14 @@ export class WorkMailClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -723,4 +735,13 @@ export class WorkMailClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkMailHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkMailClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workmail/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workmail/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..c23508cba35b0 --- /dev/null +++ b/clients/client-workmail/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkMailHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkMailHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkMailHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkMailHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkMailHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkMailHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workmail/src/auth/httpAuthSchemeProvider.ts b/clients/client-workmail/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..3c324358f3435 --- /dev/null +++ b/clients/client-workmail/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkMailClientConfig, WorkMailClientResolvedConfig } from "../WorkMailClient"; + +/** + * @internal + */ +export interface WorkMailHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkMailHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkMailClientResolvedConfig, + HandlerExecutionContext, + WorkMailHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkMailHttpAuthSchemeParametersProvider = async ( + config: WorkMailClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkMailHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "workmail", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkMailClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkMailHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkMailHttpAuthSchemeProvider: WorkMailHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkMailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkMailHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workmail/src/extensionConfiguration.ts b/clients/client-workmail/src/extensionConfiguration.ts index c95f07cc4ffbf..7ccf392dcad0e 100644 --- a/clients/client-workmail/src/extensionConfiguration.ts +++ b/clients/client-workmail/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkMailExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workmail/src/runtimeConfig.shared.ts b/clients/client-workmail/src/runtimeConfig.shared.ts index 0b1f0bc8c68d9..55b62ca2147ea 100644 --- a/clients/client-workmail/src/runtimeConfig.shared.ts +++ b/clients/client-workmail/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkMailHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkMailClientConfig } from "./WorkMailClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkMailClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkMailHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkMail", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-workmail/src/runtimeExtensions.ts b/clients/client-workmail/src/runtimeExtensions.ts index f1e85891f6dbb..81ed590b33be5 100644 --- a/clients/client-workmail/src/runtimeExtensions.ts +++ b/clients/client-workmail/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkMailExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workmailmessageflow/package.json b/clients/client-workmailmessageflow/package.json index baf9fe8f3b3b0..3ea30af346889 100644 --- a/clients/client-workmailmessageflow/package.json +++ b/clients/client-workmailmessageflow/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/clients/client-workmailmessageflow/src/WorkMailMessageFlowClient.ts b/clients/client-workmailmessageflow/src/WorkMailMessageFlowClient.ts index 376c1283e8c3e..e09e596e1b1f2 100644 --- a/clients/client-workmailmessageflow/src/WorkMailMessageFlowClient.ts +++ b/clients/client-workmailmessageflow/src/WorkMailMessageFlowClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -49,6 +48,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkMailMessageFlowHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { GetRawMessageContentCommandInput, GetRawMessageContentCommandOutput, @@ -165,21 +170,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -224,8 +230,8 @@ export type WorkMailMessageFlowClientConfigType = Partial<__SmithyConfiguration< EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -244,8 +250,8 @@ export type WorkMailMessageFlowClientResolvedConfigType = __SmithyResolvedConfig EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export class WorkMailMessageFlowClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -290,8 +296,14 @@ export class WorkMailMessageFlowClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -302,4 +314,13 @@ export class WorkMailMessageFlowClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkMailMessageFlowHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkMailMessageFlowClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workmailmessageflow/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workmailmessageflow/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..abf2032b19e7e --- /dev/null +++ b/clients/client-workmailmessageflow/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkMailMessageFlowHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkMailMessageFlowHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkMailMessageFlowHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkMailMessageFlowHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkMailMessageFlowHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkMailMessageFlowHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workmailmessageflow/src/auth/httpAuthSchemeProvider.ts b/clients/client-workmailmessageflow/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..fa3ec6758919c --- /dev/null +++ b/clients/client-workmailmessageflow/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,140 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkMailMessageFlowClientConfig, WorkMailMessageFlowClientResolvedConfig } from "../WorkMailMessageFlowClient"; + +/** + * @internal + */ +export interface WorkMailMessageFlowHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkMailMessageFlowHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkMailMessageFlowClientResolvedConfig, + HandlerExecutionContext, + WorkMailMessageFlowHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkMailMessageFlowHttpAuthSchemeParametersProvider = async ( + config: WorkMailMessageFlowClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkMailMessageFlowHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "workmailmessageflow", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkMailMessageFlowClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkMailMessageFlowHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkMailMessageFlowHttpAuthSchemeProvider: WorkMailMessageFlowHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkMailMessageFlowHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkMailMessageFlowHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workmailmessageflow/src/extensionConfiguration.ts b/clients/client-workmailmessageflow/src/extensionConfiguration.ts index 3ab13b9e22a76..a586b404d96bd 100644 --- a/clients/client-workmailmessageflow/src/extensionConfiguration.ts +++ b/clients/client-workmailmessageflow/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkMailMessageFlowExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workmailmessageflow/src/runtimeConfig.shared.ts b/clients/client-workmailmessageflow/src/runtimeConfig.shared.ts index f0b38846c95c8..276deab4a6e16 100644 --- a/clients/client-workmailmessageflow/src/runtimeConfig.shared.ts +++ b/clients/client-workmailmessageflow/src/runtimeConfig.shared.ts @@ -1,10 +1,13 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { sdkStreamMixin } from "@smithy/util-stream"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkMailMessageFlowHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkMailMessageFlowClientConfig } from "./WorkMailMessageFlowClient"; @@ -19,6 +22,14 @@ export const getRuntimeConfig = (config: WorkMailMessageFlowClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkMailMessageFlowHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), sdkStreamMixin: config?.sdkStreamMixin ?? sdkStreamMixin, serviceId: config?.serviceId ?? "WorkMailMessageFlow", diff --git a/clients/client-workmailmessageflow/src/runtimeExtensions.ts b/clients/client-workmailmessageflow/src/runtimeExtensions.ts index 7b8291760141b..64bb168244510 100644 --- a/clients/client-workmailmessageflow/src/runtimeExtensions.ts +++ b/clients/client-workmailmessageflow/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkMailMessageFlowExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workspaces-thin-client/package.json b/clients/client-workspaces-thin-client/package.json index 8fa1f7647cb82..10ed965799bbb 100644 --- a/clients/client-workspaces-thin-client/package.json +++ b/clients/client-workspaces-thin-client/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-workspaces-thin-client/src/WorkSpacesThinClientClient.ts b/clients/client-workspaces-thin-client/src/WorkSpacesThinClientClient.ts index 4661000964cee..bb8d337b2f3fe 100644 --- a/clients/client-workspaces-thin-client/src/WorkSpacesThinClientClient.ts +++ b/clients/client-workspaces-thin-client/src/WorkSpacesThinClientClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkSpacesThinClientHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { CreateEnvironmentCommandInput, CreateEnvironmentCommandOutput } from "./commands/CreateEnvironmentCommand"; import { DeleteDeviceCommandInput, DeleteDeviceCommandOutput } from "./commands/DeleteDeviceCommand"; import { DeleteEnvironmentCommandInput, DeleteEnvironmentCommandOutput } from "./commands/DeleteEnvironmentCommand"; @@ -207,21 +212,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -260,8 +266,8 @@ export type WorkSpacesThinClientClientConfigType = Partial<__SmithyConfiguration EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -280,8 +286,8 @@ export type WorkSpacesThinClientClientResolvedConfigType = __SmithyResolvedConfi EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -323,8 +329,8 @@ export class WorkSpacesThinClientClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -333,8 +339,14 @@ export class WorkSpacesThinClientClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -345,4 +357,13 @@ export class WorkSpacesThinClientClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkSpacesThinClientHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkSpacesThinClientClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workspaces-thin-client/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workspaces-thin-client/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..302a6f63edac0 --- /dev/null +++ b/clients/client-workspaces-thin-client/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkSpacesThinClientHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesThinClientHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkSpacesThinClientHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkSpacesThinClientHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesThinClientHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkSpacesThinClientHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workspaces-thin-client/src/auth/httpAuthSchemeProvider.ts b/clients/client-workspaces-thin-client/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..72413c0df1ecd --- /dev/null +++ b/clients/client-workspaces-thin-client/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,145 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { + WorkSpacesThinClientClientConfig, + WorkSpacesThinClientClientResolvedConfig, +} from "../WorkSpacesThinClientClient"; + +/** + * @internal + */ +export interface WorkSpacesThinClientHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkSpacesThinClientHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkSpacesThinClientClientResolvedConfig, + HandlerExecutionContext, + WorkSpacesThinClientHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkSpacesThinClientHttpAuthSchemeParametersProvider = async ( + config: WorkSpacesThinClientClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption( + authParameters: WorkSpacesThinClientHttpAuthSchemeParameters +): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "thinclient", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkSpacesThinClientClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkSpacesThinClientHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkSpacesThinClientHttpAuthSchemeProvider: WorkSpacesThinClientHttpAuthSchemeProvider = ( + authParameters +) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkSpacesThinClientHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkSpacesThinClientHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workspaces-thin-client/src/extensionConfiguration.ts b/clients/client-workspaces-thin-client/src/extensionConfiguration.ts index d7c8397e88403..72c2942f9bf7c 100644 --- a/clients/client-workspaces-thin-client/src/extensionConfiguration.ts +++ b/clients/client-workspaces-thin-client/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkSpacesThinClientExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workspaces-thin-client/src/runtimeConfig.shared.ts b/clients/client-workspaces-thin-client/src/runtimeConfig.shared.ts index 01d20b90714fa..765a28ece9917 100644 --- a/clients/client-workspaces-thin-client/src/runtimeConfig.shared.ts +++ b/clients/client-workspaces-thin-client/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkSpacesThinClientHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkSpacesThinClientClientConfig } from "./WorkSpacesThinClientClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkSpacesThinClientClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkSpacesThinClientHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkSpaces Thin Client", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-workspaces-thin-client/src/runtimeExtensions.ts b/clients/client-workspaces-thin-client/src/runtimeExtensions.ts index 4bef5069e69fe..75cfdd99dfb39 100644 --- a/clients/client-workspaces-thin-client/src/runtimeExtensions.ts +++ b/clients/client-workspaces-thin-client/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkSpacesThinClientExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workspaces-web/package.json b/clients/client-workspaces-web/package.json index 067ffba35a1d7..3628540d0b0f2 100644 --- a/clients/client-workspaces-web/package.json +++ b/clients/client-workspaces-web/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/clients/client-workspaces-web/src/WorkSpacesWebClient.ts b/clients/client-workspaces-web/src/WorkSpacesWebClient.ts index 6100df7550381..4c01061c4ff8d 100644 --- a/clients/client-workspaces-web/src/WorkSpacesWebClient.ts +++ b/clients/client-workspaces-web/src/WorkSpacesWebClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkSpacesWebHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateBrowserSettingsCommandInput, AssociateBrowserSettingsCommandOutput, @@ -447,21 +452,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -500,8 +506,8 @@ export type WorkSpacesWebClientConfigType = Partial<__SmithyConfiguration<__Http EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -520,8 +526,8 @@ export type WorkSpacesWebClientResolvedConfigType = __SmithyResolvedConfiguratio EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -557,8 +563,8 @@ export class WorkSpacesWebClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -567,8 +573,14 @@ export class WorkSpacesWebClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -579,4 +591,13 @@ export class WorkSpacesWebClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkSpacesWebHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkSpacesWebClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workspaces-web/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workspaces-web/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..4722db8a14893 --- /dev/null +++ b/clients/client-workspaces-web/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkSpacesWebHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesWebHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkSpacesWebHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkSpacesWebHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesWebHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkSpacesWebHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workspaces-web/src/auth/httpAuthSchemeProvider.ts b/clients/client-workspaces-web/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..7384015fefde0 --- /dev/null +++ b/clients/client-workspaces-web/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,138 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkSpacesWebClientConfig, WorkSpacesWebClientResolvedConfig } from "../WorkSpacesWebClient"; + +/** + * @internal + */ +export interface WorkSpacesWebHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkSpacesWebHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkSpacesWebClientResolvedConfig, + HandlerExecutionContext, + WorkSpacesWebHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkSpacesWebHttpAuthSchemeParametersProvider = async ( + config: WorkSpacesWebClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkSpacesWebHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "workspaces-web", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkSpacesWebClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkSpacesWebHttpAuthSchemeProvider + extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkSpacesWebHttpAuthSchemeProvider: WorkSpacesWebHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkSpacesWebHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkSpacesWebHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workspaces-web/src/extensionConfiguration.ts b/clients/client-workspaces-web/src/extensionConfiguration.ts index 0ac1ad0915fe9..1ac615f76ad37 100644 --- a/clients/client-workspaces-web/src/extensionConfiguration.ts +++ b/clients/client-workspaces-web/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkSpacesWebExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workspaces-web/src/runtimeConfig.shared.ts b/clients/client-workspaces-web/src/runtimeConfig.shared.ts index 3358787959774..e90ce6f5216b3 100644 --- a/clients/client-workspaces-web/src/runtimeConfig.shared.ts +++ b/clients/client-workspaces-web/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkSpacesWebHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkSpacesWebClientConfig } from "./WorkSpacesWebClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkSpacesWebClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkSpacesWebHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkSpaces Web", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-workspaces-web/src/runtimeExtensions.ts b/clients/client-workspaces-web/src/runtimeExtensions.ts index fa873b6661824..606e2cb524b71 100644 --- a/clients/client-workspaces-web/src/runtimeExtensions.ts +++ b/clients/client-workspaces-web/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkSpacesWebExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-workspaces/package.json b/clients/client-workspaces/package.json index 6b94cd2a2d851..b680aa3aac78b 100644 --- a/clients/client-workspaces/package.json +++ b/clients/client-workspaces/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-workspaces/src/WorkSpacesClient.ts b/clients/client-workspaces/src/WorkSpacesClient.ts index b2be09214c039..c46f83709bc3a 100644 --- a/clients/client-workspaces/src/WorkSpacesClient.ts +++ b/clients/client-workspaces/src/WorkSpacesClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultWorkSpacesHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { AssociateConnectionAliasCommandInput, AssociateConnectionAliasCommandOutput, @@ -534,21 +539,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -587,8 +593,8 @@ export type WorkSpacesClientConfigType = Partial<__SmithyConfiguration<__HttpHan EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -607,8 +613,8 @@ export type WorkSpacesClientResolvedConfigType = __SmithyResolvedConfiguration<_ EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -655,8 +661,8 @@ export class WorkSpacesClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -665,8 +671,14 @@ export class WorkSpacesClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -677,4 +689,13 @@ export class WorkSpacesClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultWorkSpacesHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: WorkSpacesClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-workspaces/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-workspaces/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..1ac07e620afb9 --- /dev/null +++ b/clients/client-workspaces/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { WorkSpacesHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): WorkSpacesHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: WorkSpacesHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: WorkSpacesHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): WorkSpacesHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-workspaces/src/auth/httpAuthSchemeProvider.ts b/clients/client-workspaces/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..828173d2c4cc5 --- /dev/null +++ b/clients/client-workspaces/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { WorkSpacesClientConfig, WorkSpacesClientResolvedConfig } from "../WorkSpacesClient"; + +/** + * @internal + */ +export interface WorkSpacesHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface WorkSpacesHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + WorkSpacesClientResolvedConfig, + HandlerExecutionContext, + WorkSpacesHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultWorkSpacesHttpAuthSchemeParametersProvider = async ( + config: WorkSpacesClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: WorkSpacesHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "workspaces", + region: authParameters.region, + }, + propertiesExtractor: (config: WorkSpacesClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface WorkSpacesHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultWorkSpacesHttpAuthSchemeProvider: WorkSpacesHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: WorkSpacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: WorkSpacesHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-workspaces/src/extensionConfiguration.ts b/clients/client-workspaces/src/extensionConfiguration.ts index 980961392d781..fd648ade449ad 100644 --- a/clients/client-workspaces/src/extensionConfiguration.ts +++ b/clients/client-workspaces/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface WorkSpacesExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-workspaces/src/runtimeConfig.shared.ts b/clients/client-workspaces/src/runtimeConfig.shared.ts index 4d622a1d2d253..c3d472bd552cb 100644 --- a/clients/client-workspaces/src/runtimeConfig.shared.ts +++ b/clients/client-workspaces/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultWorkSpacesHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { WorkSpacesClientConfig } from "./WorkSpacesClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: WorkSpacesClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultWorkSpacesHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "WorkSpaces", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-workspaces/src/runtimeExtensions.ts b/clients/client-workspaces/src/runtimeExtensions.ts index c7af377f6dbc9..82becda02cb91 100644 --- a/clients/client-workspaces/src/runtimeExtensions.ts +++ b/clients/client-workspaces/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { WorkSpacesExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/clients/client-xray/package.json b/clients/client-xray/package.json index 290830e60739c..78ff1bc48e25a 100644 --- a/clients/client-xray/package.json +++ b/clients/client-xray/package.json @@ -26,7 +26,6 @@ "@aws-sdk/middleware-host-header": "*", "@aws-sdk/middleware-logger": "*", "@aws-sdk/middleware-recursion-detection": "*", - "@aws-sdk/middleware-signing": "*", "@aws-sdk/middleware-user-agent": "*", "@aws-sdk/region-config-resolver": "*", "@aws-sdk/types": "*", @@ -34,7 +33,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -53,8 +52,9 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-endpoints": "^1.1.1", + "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" diff --git a/clients/client-xray/src/XRayClient.ts b/clients/client-xray/src/XRayClient.ts index 14b975e5990a9..d51d848e3cce1 100644 --- a/clients/client-xray/src/XRayClient.ts +++ b/clients/client-xray/src/XRayClient.ts @@ -7,20 +7,18 @@ import { } from "@aws-sdk/middleware-host-header"; import { getLoggerPlugin } from "@aws-sdk/middleware-logger"; import { getRecursionDetectionPlugin } from "@aws-sdk/middleware-recursion-detection"; -import { - AwsAuthInputConfig, - AwsAuthResolvedConfig, - getAwsAuthPlugin, - resolveAwsAuthConfig, -} from "@aws-sdk/middleware-signing"; import { getUserAgentPlugin, resolveUserAgentConfig, UserAgentInputConfig, UserAgentResolvedConfig, } from "@aws-sdk/middleware-user-agent"; -import { Credentials as __Credentials } from "@aws-sdk/types"; import { RegionInputConfig, RegionResolvedConfig, resolveRegionConfig } from "@smithy/config-resolver"; +import { + DefaultIdentityProviderConfig, + getHttpAuthSchemeEndpointRuleSetPlugin, + getHttpSigningPlugin, +} from "@smithy/core"; import { getContentLengthPlugin } from "@smithy/middleware-content-length"; import { EndpointInputConfig, EndpointResolvedConfig, resolveEndpointConfig } from "@smithy/middleware-endpoint"; import { getRetryPlugin, resolveRetryConfig, RetryInputConfig, RetryResolvedConfig } from "@smithy/middleware-retry"; @@ -32,6 +30,7 @@ import { SmithyResolvedConfiguration as __SmithyResolvedConfiguration, } from "@smithy/smithy-client"; import { + AwsCredentialIdentityProvider, BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, @@ -48,6 +47,12 @@ import { UserAgent as __UserAgent, } from "@smithy/types"; +import { + defaultXRayHttpAuthSchemeParametersProvider, + HttpAuthSchemeInputConfig, + HttpAuthSchemeResolvedConfig, + resolveHttpAuthSchemeConfig, +} from "./auth/httpAuthSchemeProvider"; import { BatchGetTracesCommandInput, BatchGetTracesCommandOutput } from "./commands/BatchGetTracesCommand"; import { CreateGroupCommandInput, CreateGroupCommandOutput } from "./commands/CreateGroupCommand"; import { CreateSamplingRuleCommandInput, CreateSamplingRuleCommandOutput } from "./commands/CreateSamplingRuleCommand"; @@ -276,21 +281,22 @@ export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__ useFipsEndpoint?: boolean | __Provider; /** - * The AWS region to which this client will send requests + * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * @internal */ - region?: string | __Provider; + defaultUserAgentProvider?: Provider<__UserAgent>; /** - * Default credentials provider; Not available in browser runtime. - * @internal + * The AWS region to which this client will send requests */ - credentialDefaultProvider?: (input: any) => __Provider<__Credentials>; + region?: string | __Provider; /** - * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header + * Default credentials provider; Not available in browser runtime. + * @deprecated * @internal */ - defaultUserAgentProvider?: Provider<__UserAgent>; + credentialDefaultProvider?: (input: any) => AwsCredentialIdentityProvider; /** * Value for how many times a request will be made at most in case of retry. @@ -329,8 +335,8 @@ export type XRayClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOp EndpointInputConfig & RetryInputConfig & HostHeaderInputConfig & - AwsAuthInputConfig & UserAgentInputConfig & + HttpAuthSchemeInputConfig & ClientInputEndpointParameters; /** * @public @@ -349,8 +355,8 @@ export type XRayClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpH EndpointResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & - AwsAuthResolvedConfig & UserAgentResolvedConfig & + HttpAuthSchemeResolvedConfig & ClientResolvedEndpointParameters; /** * @public @@ -382,8 +388,8 @@ export class XRayClient extends __Client< const _config_3 = resolveEndpointConfig(_config_2); const _config_4 = resolveRetryConfig(_config_3); const _config_5 = resolveHostHeaderConfig(_config_4); - const _config_6 = resolveAwsAuthConfig(_config_5); - const _config_7 = resolveUserAgentConfig(_config_6); + const _config_6 = resolveUserAgentConfig(_config_5); + const _config_7 = resolveHttpAuthSchemeConfig(_config_6); const _config_8 = resolveRuntimeExtensions(_config_7, configuration?.extensions || []); super(_config_8); this.config = _config_8; @@ -392,8 +398,14 @@ export class XRayClient extends __Client< this.middlewareStack.use(getHostHeaderPlugin(this.config)); this.middlewareStack.use(getLoggerPlugin(this.config)); this.middlewareStack.use(getRecursionDetectionPlugin(this.config)); - this.middlewareStack.use(getAwsAuthPlugin(this.config)); this.middlewareStack.use(getUserAgentPlugin(this.config)); + this.middlewareStack.use( + getHttpAuthSchemeEndpointRuleSetPlugin(this.config, { + httpAuthSchemeParametersProvider: this.getDefaultHttpAuthSchemeParametersProvider(), + identityProviderConfigProvider: this.getIdentityProviderConfigProvider(), + }) + ); + this.middlewareStack.use(getHttpSigningPlugin(this.config)); } /** @@ -404,4 +416,13 @@ export class XRayClient extends __Client< destroy(): void { super.destroy(); } + private getDefaultHttpAuthSchemeParametersProvider() { + return defaultXRayHttpAuthSchemeParametersProvider; + } + private getIdentityProviderConfigProvider() { + return async (config: XRayClientResolvedConfig) => + new DefaultIdentityProviderConfig({ + "aws.auth#sigv4": config.credentials, + }); + } } diff --git a/clients/client-xray/src/auth/httpAuthExtensionConfiguration.ts b/clients/client-xray/src/auth/httpAuthExtensionConfiguration.ts new file mode 100644 index 0000000000000..50629cf4d1c97 --- /dev/null +++ b/clients/client-xray/src/auth/httpAuthExtensionConfiguration.ts @@ -0,0 +1,72 @@ +// smithy-typescript generated code +import { AwsCredentialIdentity, AwsCredentialIdentityProvider, HttpAuthScheme } from "@smithy/types"; + +import { XRayHttpAuthSchemeProvider } from "./httpAuthSchemeProvider"; + +/** + * @internal + */ +export interface HttpAuthExtensionConfiguration { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void; + httpAuthSchemes(): HttpAuthScheme[]; + setHttpAuthSchemeProvider(httpAuthSchemeProvider: XRayHttpAuthSchemeProvider): void; + httpAuthSchemeProvider(): XRayHttpAuthSchemeProvider; + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void; + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined; +} + +/** + * @internal + */ +export type HttpAuthRuntimeConfig = Partial<{ + httpAuthSchemes: HttpAuthScheme[]; + httpAuthSchemeProvider: XRayHttpAuthSchemeProvider; + credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider; +}>; + +/** + * @internal + */ +export const getHttpAuthExtensionConfiguration = ( + runtimeConfig: HttpAuthRuntimeConfig +): HttpAuthExtensionConfiguration => { + const _httpAuthSchemes = runtimeConfig.httpAuthSchemes!; + let _httpAuthSchemeProvider = runtimeConfig.httpAuthSchemeProvider!; + let _credentials = runtimeConfig.credentials; + return { + setHttpAuthScheme(httpAuthScheme: HttpAuthScheme): void { + const index = _httpAuthSchemes.findIndex((scheme) => scheme.schemeId === httpAuthScheme.schemeId); + if (index === -1) { + _httpAuthSchemes.push(httpAuthScheme); + } else { + _httpAuthSchemes.splice(index, 1, httpAuthScheme); + } + }, + httpAuthSchemes(): HttpAuthScheme[] { + return _httpAuthSchemes; + }, + setHttpAuthSchemeProvider(httpAuthSchemeProvider: XRayHttpAuthSchemeProvider): void { + _httpAuthSchemeProvider = httpAuthSchemeProvider; + }, + httpAuthSchemeProvider(): XRayHttpAuthSchemeProvider { + return _httpAuthSchemeProvider; + }, + setCredentials(credentials: AwsCredentialIdentity | AwsCredentialIdentityProvider): void { + _credentials = credentials; + }, + credentials(): AwsCredentialIdentity | AwsCredentialIdentityProvider | undefined { + return _credentials; + }, + }; +}; + +/** + * @internal + */ +export const resolveHttpAuthRuntimeConfig = (config: HttpAuthExtensionConfiguration): HttpAuthRuntimeConfig => { + return { + httpAuthSchemes: config.httpAuthSchemes(), + httpAuthSchemeProvider: config.httpAuthSchemeProvider(), + credentials: config.credentials(), + }; +}; diff --git a/clients/client-xray/src/auth/httpAuthSchemeProvider.ts b/clients/client-xray/src/auth/httpAuthSchemeProvider.ts new file mode 100644 index 0000000000000..042e8178c27e8 --- /dev/null +++ b/clients/client-xray/src/auth/httpAuthSchemeProvider.ts @@ -0,0 +1,137 @@ +// smithy-typescript generated code +import { + AwsSdkSigV4AuthInputConfig, + AwsSdkSigV4AuthResolvedConfig, + AwsSdkSigV4PreviouslyResolved, + resolveAwsSdkSigV4Config, +} from "@aws-sdk/core"; +import { + HandlerExecutionContext, + HttpAuthOption, + HttpAuthScheme, + HttpAuthSchemeParameters, + HttpAuthSchemeParametersProvider, + HttpAuthSchemeProvider, +} from "@smithy/types"; +import { getSmithyContext, normalizeProvider } from "@smithy/util-middleware"; + +import { XRayClientConfig, XRayClientResolvedConfig } from "../XRayClient"; + +/** + * @internal + */ +export interface XRayHttpAuthSchemeParameters extends HttpAuthSchemeParameters { + region?: string; +} + +/** + * @internal + */ +export interface XRayHttpAuthSchemeParametersProvider + extends HttpAuthSchemeParametersProvider< + XRayClientResolvedConfig, + HandlerExecutionContext, + XRayHttpAuthSchemeParameters, + object + > {} + +/** + * @internal + */ +export const defaultXRayHttpAuthSchemeParametersProvider = async ( + config: XRayClientResolvedConfig, + context: HandlerExecutionContext, + input: object +): Promise => { + return { + operation: getSmithyContext(context).operation as string, + region: + (await normalizeProvider(config.region)()) || + (() => { + throw new Error("expected `region` to be configured for `aws.auth#sigv4`"); + })(), + }; +}; + +function createAwsAuthSigv4HttpAuthOption(authParameters: XRayHttpAuthSchemeParameters): HttpAuthOption { + return { + schemeId: "aws.auth#sigv4", + signingProperties: { + name: "xray", + region: authParameters.region, + }, + propertiesExtractor: (config: XRayClientConfig, context) => ({ + /** + * @internal + */ + signingProperties: { + config, + context, + }, + }), + }; +} + +/** + * @internal + */ +export interface XRayHttpAuthSchemeProvider extends HttpAuthSchemeProvider {} + +/** + * @internal + */ +export const defaultXRayHttpAuthSchemeProvider: XRayHttpAuthSchemeProvider = (authParameters) => { + const options: HttpAuthOption[] = []; + switch (authParameters.operation) { + default: { + options.push(createAwsAuthSigv4HttpAuthOption(authParameters)); + } + } + return options; +}; + +/** + * @internal + */ +export interface HttpAuthSchemeInputConfig extends AwsSdkSigV4AuthInputConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + httpAuthSchemes?: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + httpAuthSchemeProvider?: XRayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export interface HttpAuthSchemeResolvedConfig extends AwsSdkSigV4AuthResolvedConfig { + /** + * experimentalIdentityAndAuth: Configuration of HttpAuthSchemes for a client which provides default identity providers and signers per auth scheme. + * @internal + */ + readonly httpAuthSchemes: HttpAuthScheme[]; + + /** + * experimentalIdentityAndAuth: Configuration of an HttpAuthSchemeProvider for a client which resolves which HttpAuthScheme to use. + * @internal + */ + readonly httpAuthSchemeProvider: XRayHttpAuthSchemeProvider; +} + +/** + * @internal + */ +export const resolveHttpAuthSchemeConfig = ( + config: T & HttpAuthSchemeInputConfig & AwsSdkSigV4PreviouslyResolved +): T & HttpAuthSchemeResolvedConfig => { + const config_0 = resolveAwsSdkSigV4Config(config); + return { + ...config_0, + } as T & HttpAuthSchemeResolvedConfig; +}; diff --git a/clients/client-xray/src/extensionConfiguration.ts b/clients/client-xray/src/extensionConfiguration.ts index 2dab5d532fae2..25b3f682a4949 100644 --- a/clients/client-xray/src/extensionConfiguration.ts +++ b/clients/client-xray/src/extensionConfiguration.ts @@ -3,10 +3,13 @@ import { AwsRegionExtensionConfiguration } from "@aws-sdk/types"; import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http"; import { DefaultExtensionConfiguration } from "@smithy/types"; +import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration"; + /** * @internal */ export interface XRayExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, - AwsRegionExtensionConfiguration {} + AwsRegionExtensionConfiguration, + HttpAuthExtensionConfiguration {} diff --git a/clients/client-xray/src/runtimeConfig.shared.ts b/clients/client-xray/src/runtimeConfig.shared.ts index 5a9982e7044ad..8291b9e8f0e9b 100644 --- a/clients/client-xray/src/runtimeConfig.shared.ts +++ b/clients/client-xray/src/runtimeConfig.shared.ts @@ -1,9 +1,12 @@ // smithy-typescript generated code +import { AwsSdkSigV4Signer } from "@aws-sdk/core"; import { NoOpLogger } from "@smithy/smithy-client"; +import { IdentityProviderConfig } from "@smithy/types"; import { parseUrl } from "@smithy/url-parser"; import { fromBase64, toBase64 } from "@smithy/util-base64"; import { fromUtf8, toUtf8 } from "@smithy/util-utf8"; +import { defaultXRayHttpAuthSchemeProvider } from "./auth/httpAuthSchemeProvider"; import { defaultEndpointResolver } from "./endpoint/endpointResolver"; import { XRayClientConfig } from "./XRayClient"; @@ -18,6 +21,14 @@ export const getRuntimeConfig = (config: XRayClientConfig) => { disableHostPrefix: config?.disableHostPrefix ?? false, endpointProvider: config?.endpointProvider ?? defaultEndpointResolver, extensions: config?.extensions ?? [], + httpAuthSchemeProvider: config?.httpAuthSchemeProvider ?? defaultXRayHttpAuthSchemeProvider, + httpAuthSchemes: config?.httpAuthSchemes ?? [ + { + schemeId: "aws.auth#sigv4", + identityProvider: (ipc: IdentityProviderConfig) => ipc.getIdentityProvider("aws.auth#sigv4"), + signer: new AwsSdkSigV4Signer(), + }, + ], logger: config?.logger ?? new NoOpLogger(), serviceId: config?.serviceId ?? "XRay", urlParser: config?.urlParser ?? parseUrl, diff --git a/clients/client-xray/src/runtimeExtensions.ts b/clients/client-xray/src/runtimeExtensions.ts index 7662784b29068..19fdbdb81ac97 100644 --- a/clients/client-xray/src/runtimeExtensions.ts +++ b/clients/client-xray/src/runtimeExtensions.ts @@ -6,6 +6,7 @@ import { import { getHttpHandlerExtensionConfiguration, resolveHttpHandlerRuntimeConfig } from "@smithy/protocol-http"; import { getDefaultExtensionConfiguration, resolveDefaultRuntimeConfig } from "@smithy/smithy-client"; +import { getHttpAuthExtensionConfiguration, resolveHttpAuthRuntimeConfig } from "./auth/httpAuthExtensionConfiguration"; import { XRayExtensionConfiguration } from "./extensionConfiguration"; /** @@ -32,6 +33,7 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...asPartial(getAwsRegionExtensionConfiguration(runtimeConfig)), ...asPartial(getDefaultExtensionConfiguration(runtimeConfig)), ...asPartial(getHttpHandlerExtensionConfiguration(runtimeConfig)), + ...asPartial(getHttpAuthExtensionConfiguration(runtimeConfig)), }; extensions.forEach((extension) => extension.configure(extensionConfiguration)); @@ -41,5 +43,6 @@ export const resolveRuntimeExtensions = (runtimeConfig: any, extensions: Runtime ...resolveAwsRegionExtensionConfiguration(extensionConfiguration), ...resolveDefaultRuntimeConfig(extensionConfiguration), ...resolveHttpHandlerRuntimeConfig(extensionConfiguration), + ...resolveHttpAuthRuntimeConfig(extensionConfiguration), }; }; diff --git a/codegen/sdk-codegen/build.gradle.kts b/codegen/sdk-codegen/build.gradle.kts index 9f50bfb0a7f74..e852505933fdc 100644 --- a/codegen/sdk-codegen/build.gradle.kts +++ b/codegen/sdk-codegen/build.gradle.kts @@ -105,20 +105,18 @@ tasks.register("generate-smithy-build") { File("smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/package.json.template") .readText() ).expectObjectNode() - val experimentalIdentityAndAuthServices = setOf( - ShapeId.from("com.amazonaws.codecatalyst#CodeCatalyst"), - ShapeId.from("com.amazonaws.sts#AWSSecurityTokenServiceV20110615"), - ShapeId.from("com.amazonaws.sqs#AmazonSQS"), - ShapeId.from("com.amazonaws.dynamodb#DynamoDB_20120810"), - ShapeId.from("com.amazonaws.rds#AmazonRDSv19"), - ShapeId.from("com.amazonaws.ec2#AmazonEC2"), - ShapeId.from("com.amazonaws.polly#Parrot_v1"), - ShapeId.from("com.amazonaws.apigateway#BackplaneControlService"), - ShapeId.from("com.amazonaws.glacier#Glacier"), - ShapeId.from("com.amazonaws.machinelearning#AmazonML_20141212"), - ShapeId.from("com.amazonaws.route53#AWSDnsV20130401"), - ShapeId.from("com.amazonaws.s3control#AWSS3ControlServiceV20180820"), + val nonExperimentalIdentityAndAuthServices = setOf( + // Services with EventStream input + "Lex Runtime V2", + "RekognitionStreaming", + "Transcribe Streaming", + // Endpoint Ruleset Auth Scheme Resolvers + "EventBridge", + "CloudFront KeyValueStore", + // S3 + "S3", ) + check(nonExperimentalIdentityAndAuthServices.size == 6) val projectionContents = Node.objectNodeBuilder() .withMember("imports", Node.fromStrings("${models.getAbsolutePath()}${File.separator}${file.name}")) .withMember("plugins", Node.objectNode() @@ -129,7 +127,7 @@ tasks.register("generate-smithy-build") { .withMember("packageJson", manifestOverwrites) .withMember("packageDescription", "AWS SDK for JavaScript " + clientName + " Client for Node.js, Browser and React Native") - .withMember("experimentalIdentityAndAuth", experimentalIdentityAndAuthServices.contains(service.getId())) + .withMember("experimentalIdentityAndAuth", !nonExperimentalIdentityAndAuthServices.contains(serviceTrait.sdkId)) .build())) .build() projectionsBuilder.withMember(sdkId + "." + version.toLowerCase(), projectionContents) diff --git a/packages/core/package.json b/packages/core/package.json index 41ef2b5f596ae..d295d1090871c 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -24,7 +24,7 @@ }, "license": "Apache-2.0", "dependencies": { - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/protocol-http": "^3.1.1", "@smithy/signature-v4": "^2.1.1", "@smithy/smithy-client": "^2.3.1", diff --git a/private/aws-client-api-test/package.json b/private/aws-client-api-test/package.json index a0a6fa17f5c46..15bfb7fff8aa0 100644 --- a/private/aws-client-api-test/package.json +++ b/private/aws-client-api-test/package.json @@ -30,7 +30,7 @@ "@smithy/url-parser": "^2.1.1", "@smithy/util-base64": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/private/aws-echo-service/package.json b/private/aws-echo-service/package.json index 0b1f26dd5e5e8..ad02e8d3840fd 100644 --- a/private/aws-echo-service/package.json +++ b/private/aws-echo-service/package.json @@ -27,7 +27,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -45,7 +45,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/private/aws-echo-service/src/protocols/Aws_restJson1.ts b/private/aws-echo-service/src/protocols/Aws_restJson1.ts index 93e01d2fa8918..40e228404a1e4 100644 --- a/private/aws-echo-service/src/protocols/Aws_restJson1.ts +++ b/private/aws-echo-service/src/protocols/Aws_restJson1.ts @@ -1,16 +1,20 @@ // smithy-typescript generated code +import { EchoCommandInput, EchoCommandOutput } from "../commands/EchoCommand"; +import { LengthCommandInput, LengthCommandOutput } from "../commands/LengthCommand"; +import { EchoServiceServiceException as __BaseException } from "../models/EchoServiceServiceException"; +import { PalindromeException } from "../models/models_0"; import { requestBuilder as rb } from "@smithy/core"; import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@smithy/protocol-http"; import { - _json, - collectBody, decorateServiceException as __decorateServiceException, expectInt32 as __expectInt32, expectNonNull as __expectNonNull, expectObject as __expectObject, expectString as __expectString, - map, resolvedPath as __resolvedPath, + _json, + collectBody, + map, take, withBaseException, } from "@smithy/smithy-client"; @@ -21,11 +25,6 @@ import { } from "@smithy/types"; import { v4 as generateIdempotencyToken } from "uuid"; -import { EchoCommandInput, EchoCommandOutput } from "../commands/EchoCommand"; -import { LengthCommandInput, LengthCommandOutput } from "../commands/LengthCommand"; -import { EchoServiceServiceException as __BaseException } from "../models/EchoServiceServiceException"; -import { PalindromeException } from "../models/models_0"; - /** * serializeAws_restJson1EchoCommand */ diff --git a/private/aws-protocoltests-ec2/package.json b/private/aws-protocoltests-ec2/package.json index 1f2ad29104b90..5a6e29d02b310 100644 --- a/private/aws-protocoltests-ec2/package.json +++ b/private/aws-protocoltests-ec2/package.json @@ -47,7 +47,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "fast-xml-parser": "4.2.5", diff --git a/private/aws-protocoltests-json-10/package.json b/private/aws-protocoltests-json-10/package.json index e70cd664e16a6..1d3e0a2e3ac22 100644 --- a/private/aws-protocoltests-json-10/package.json +++ b/private/aws-protocoltests-json-10/package.json @@ -47,7 +47,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/private/aws-protocoltests-json/package.json b/private/aws-protocoltests-json/package.json index 2516b53521e75..d4b5a7ca1de7d 100644 --- a/private/aws-protocoltests-json/package.json +++ b/private/aws-protocoltests-json/package.json @@ -50,7 +50,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0", diff --git a/private/aws-protocoltests-query/package.json b/private/aws-protocoltests-query/package.json index e55c4370ea091..c32b700b6ac0a 100644 --- a/private/aws-protocoltests-query/package.json +++ b/private/aws-protocoltests-query/package.json @@ -47,7 +47,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", "fast-xml-parser": "4.2.5", diff --git a/private/aws-protocoltests-restjson/package.json b/private/aws-protocoltests-restjson/package.json index 96c9323ddfb25..0365e1a7151f9 100644 --- a/private/aws-protocoltests-restjson/package.json +++ b/private/aws-protocoltests-restjson/package.json @@ -29,7 +29,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-blob-browser": "^2.1.1", "@smithy/hash-node": "^2.1.1", @@ -53,7 +53,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/private/aws-protocoltests-restxml/package.json b/private/aws-protocoltests-restxml/package.json index 7aee307a0500d..e1f4849e73882 100644 --- a/private/aws-protocoltests-restxml/package.json +++ b/private/aws-protocoltests-restxml/package.json @@ -30,7 +30,7 @@ "@aws-sdk/util-user-agent-node": "*", "@aws-sdk/xml-builder": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", "@smithy/invalid-dependency": "^2.1.1", @@ -50,7 +50,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-retry": "^2.1.1", "@smithy/util-stream": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/private/aws-restjson-server/package.json b/private/aws-restjson-server/package.json index 70e2ba728a30f..16da7248b53cb 100644 --- a/private/aws-restjson-server/package.json +++ b/private/aws-restjson-server/package.json @@ -40,7 +40,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" }, diff --git a/private/aws-restjson-validation-server/package.json b/private/aws-restjson-validation-server/package.json index c4c3f0947074a..fd40b80b15458 100644 --- a/private/aws-restjson-validation-server/package.json +++ b/private/aws-restjson-validation-server/package.json @@ -40,7 +40,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-utf8": "^2.1.1", "tslib": "^2.5.0" }, diff --git a/private/weather-experimental-identity-and-auth/package.json b/private/weather-experimental-identity-and-auth/package.json index 0e940cd60943e..292a6d16f6ad5 100644 --- a/private/weather-experimental-identity-and-auth/package.json +++ b/private/weather-experimental-identity-and-auth/package.json @@ -26,7 +26,7 @@ "@aws-sdk/util-user-agent-browser": "*", "@aws-sdk/util-user-agent-node": "*", "@smithy/config-resolver": "^2.1.1", - "@smithy/core": "^1.3.1", + "@smithy/core": "^1.3.2", "@smithy/experimental-identity-and-auth": "^0.1.1", "@smithy/fetch-http-handler": "^2.4.1", "@smithy/hash-node": "^2.1.1", @@ -45,7 +45,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/private/weather/package.json b/private/weather/package.json index a827a39a73308..a7282f8ab4147 100644 --- a/private/weather/package.json +++ b/private/weather/package.json @@ -48,7 +48,7 @@ "@smithy/util-body-length-browser": "^2.1.1", "@smithy/util-body-length-node": "^2.2.1", "@smithy/util-defaults-mode-browser": "^2.1.1", - "@smithy/util-defaults-mode-node": "^2.1.1", + "@smithy/util-defaults-mode-node": "^2.2.0", "@smithy/util-middleware": "^2.1.1", "@smithy/util-retry": "^2.1.1", "@smithy/util-utf8": "^2.1.1", diff --git a/scripts/generate-clients/config.js b/scripts/generate-clients/config.js index 2d46c53722897..ec24c5a4dbac2 100644 --- a/scripts/generate-clients/config.js +++ b/scripts/generate-clients/config.js @@ -1,7 +1,7 @@ // Update this commit when taking up new changes from smithy-typescript. module.exports = { // Use full commit hash as we explicitly fetch it. - SMITHY_TS_COMMIT: "ceb489edaf584300d0ac37c72c1a55a9a34cbd8d", + SMITHY_TS_COMMIT: "74d1aa5b97c09cb27f8ad70188d5cb02f329b25d", }; if (module.exports.SMITHY_TS_COMMIT.length < 40) { diff --git a/yarn.lock b/yarn.lock index fbf77528c698b..a09c4f40bb313 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2814,10 +2814,10 @@ "@smithy/util-middleware" "^2.1.1" tslib "^2.5.0" -"@smithy/core@^1.3.1": - version "1.3.1" - resolved "https://registry.yarnpkg.com/@smithy/core/-/core-1.3.1.tgz#ecedc564e68453b02c20db9e8435d59005c066d8" - integrity sha512-tf+NIu9FkOh312b6M9G4D68is4Xr7qptzaZGZUREELF8ysE1yLKphqt7nsomjKZVwW7WE5pDDex9idowNGRQ/Q== +"@smithy/core@^1.3.2": + version "1.3.2" + resolved "https://registry.yarnpkg.com/@smithy/core/-/core-1.3.2.tgz#e11f3860b69ec0bdbd31e6afaa54963c02dc7f8e" + integrity sha512-tYDmTp0f2TZVE18jAOH1PnmkngLQ+dOGUlMd1u67s87ieueNeyqhja6z/Z4MxhybEiXKOWFOmGjfTZWFxljwJw== dependencies: "@smithy/middleware-endpoint" "^2.4.1" "@smithy/middleware-retry" "^2.1.1" @@ -3221,10 +3221,10 @@ bowser "^2.11.0" tslib "^2.5.0" -"@smithy/util-defaults-mode-node@^2.1.1": - version "2.1.1" - resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-2.1.1.tgz#0910ee00aac3e8a08aac3e6ae8794e52f3efef02" - integrity sha512-tYVrc+w+jSBfBd267KDnvSGOh4NMz+wVH7v4CClDbkdPfnjvImBZsOURncT5jsFwR9KCuDyPoSZq4Pa6+eCUrA== +"@smithy/util-defaults-mode-node@^2.2.0": + version "2.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-2.2.0.tgz#72fd6f945c265f1ef9be647fe829d55df5101390" + integrity sha512-iFJp/N4EtkanFpBUtSrrIbtOIBf69KNuve03ic1afhJ9/korDxdM0c6cCH4Ehj/smI9pDCfVv+bqT3xZjF2WaA== dependencies: "@smithy/config-resolver" "^2.1.1" "@smithy/credential-provider-imds" "^2.2.1"